CVE-2021-33488Improper Input Validation in OX APP Suite

CWE-20Improper Input Validation3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 46.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Open-xchange OX APP Suite
Timeline
PublishedNov 22
Latest updateMay 24

Description

chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-wmjg-j8m2-29c4: chat in OX App Suite 72022-05-24
CVEList
CVE-2021-33488: chat in OX App Suite 72021-11-22
CVE-2021-33488 — Improper Input Validation | cvebase