cbcvebase.
CVE-2013-2582
published 2013-09-05

CVE-2013-2582: CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2…

PriorityP420medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.05%
59.9th percentile
CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging improper sanitization of whitespace characters.

Affected

8 ranges
VendorProductVersion rangeFixed in
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_appsuite
open-xchangeopen-xchange_server
open-xchangeopen-xchange_server
open-xchangeopen-xchange_server
open-xchangeopen-xchange_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.