CVE-2017-6913

CVE-2017-6913

EPSS 1.0%

Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/gquere/CVE-2017-6913 https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4133_7.6.3_2017-05-15.pdf