cbcvebase.
CVE-2013-5035
published 2013-09-05

CVE-2013-5035: Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to…

PriorityP420medium4.9CVSS 2.0
AVNACMAuSCPIPAN
EPSS
0.69%
48.2th percentile
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other persons in opportunistic circumstances by leveraging lack of thread safety and performing a rapid series of (1) mail-sending or (2) draft-saving operations.

Affected

20 ranges
VendorProductVersion rangeFixed in
htmlcleaner_projecthtmlcleaner<= 2.5
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
htmlcleaner_projecthtmlcleaner
open-xchangeopen-xchange_appsuite
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.