Open-Xchange Ox App Suite vulnerabilities
48 known vulnerabilities affecting open-xchange/ox_app_suite.
Total CVEs: 48
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 4, HIGH 2, MEDIUM 42
Vulnerabilities
Page 2 of 3
CVE-2022-43697 | MEDIUM | CVSS 6.1 | CWE-79 | fixed in 7.10.6 | 2023-04-15
OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob.
nvd
CVE-2022-43698 | MEDIUM | CVSS 4.3 | CWE-918 | fixed in 7.10.6 | 2023-04-15
OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.
nvd
CVE-2022-43699 | MEDIUM | CVSS 4.3 | CWE-918 | fixed in 7.10.6 | 2023-04-15
OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the DNS records of an external domain (found in the host part of an e-mail address).
nvd
CVE-2022-29851 | CRITICAL | CVSS 9.8 | CWE-78 | ≤ 7.10.6 | 2022-10-25
documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document.
nvd
CVE-2022-31468 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 8.2 | 2022-10-25
OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter.
nvd
CVE-2022-23100 | CRITICAL | CVSS 9.8 | CWE-78 | ≤ 7.10.6 | 2022-07-27
OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment).
nvd
CVE-2022-24405 | CRITICAL | CVSS 9.8 | CWE-78 | ≤ 7.10.6 | 2022-07-27
OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.
nvd
CVE-2022-24406 | MEDIUM | CVSS 6.5 | CWE-330 | ≤ 7.10.6 | 2022-07-27
OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls.
nvd
CVE-2022-23101 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.6 | 2022-07-27
OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message.
nvd
CVE-2021-44211 | MEDIUM | CVSS 5.4 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature.
nvd
CVE-2021-44212 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring.
nvd
CVE-2021-44213 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message.
nvd
CVE-2021-44210 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data.
nvd
CVE-2021-44209 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO.
nvd
CVE-2021-44208 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2022-03-28
OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat.
nvd
CVE-2021-33489 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2021-11-22
OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file.
nvd
CVE-2021-33490 | MEDIUM | CVSS 6.1 | CWE-79 | ≤ 7.10.5 | 2021-11-22
OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature.
nvd
CVE-2021-38374 | MEDIUM | CVSS 5.4 | CWE-79 | ≤ 7.10.5 | 2021-11-22
OX App Suite through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL.
nvd
CVE-2021-33491 | MEDIUM | CVSS 6.5 | CWE-22 | ≤ 7.10.5 | 2021-11-22
OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records.
nvd
CVE-2021-38376 | MEDIUM | CVSS 5.3 | CWE-287 | ≤ 7.10.5 | 2021-11-22
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
nvd