Product
open xchange ox guard
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-26456
CVE-2020-28944
CVE-2020-9427
CVE-2020-9426
CVE-2018-10986
CVE-2016-6854
CVE-2016-6853
CVE-2016-6851
CVE-2016-4028
CVE-2015-8542
CVE-2015-7385
< 2.10.7
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing
<= 2.10.4
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
all versions
OX Guard 2.10.3 and earlier allows SSRF.
all versions
OX Guard 2.10.3 and earlier allows XSS.
all versions
OX Guard 2.8.0 has CSRF.
<= 2.4.2
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signa
<= 2.4.2
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injecte
<= 2.4.2
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code can be provided as parameter to the OX Guard guest
<= 2.4.0
An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer
<= 2.2.0
An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private K
<= 2.0.0
Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary w