Vulnerabilidades em OX Software GmbH
33 resultadosCVE-2023-26436HIGHAttackers with access to the "documentconverterws" API were able to inject serialized Java objects, that were not properly checked during deEPSS 1.3%CVE-2023-26433MEDIUMWhen adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-26432MEDIUMWhen adding an external mail account, processing of SMTP "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-26434MEDIUMWhen adding an external mail account, processing of POP3 "capabilities" responses are not limited to plausible sizes. Attacker with access tEPSS 1.1%CVE-2023-26451HIGHFunctions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. AuthorizatiEPSS 1.0%CVE-2023-26428MEDIUMAttackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of EPSS 1.0%CVE-2023-26431MEDIUMIPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accEPSS 0.8%CVE-2023-26429LOWControl characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedEPSS 0.8%CVE-2023-26435MEDIUMIt was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers coEPSS 0.8%CVE-2023-26443MEDIUMFull-text autocomplete search allows user-provided SQL syntax to be injected to SQL statements. With existing sanitization in place, this caEPSS 0.7%CVE-2023-26450MEDIUMThe "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executEPSS 0.7%CVE-2023-26449MEDIUMThe "OX Chat" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executeEPSS 0.7%CVE-2023-26430LOWAttackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEPSS 0.6%CVE-2023-26447MEDIUMThe "upsell" widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not geEPSS 0.6%CVE-2023-26445MEDIUMFrontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. MEPSS 0.6%CVE-2023-26448MEDIUMCustom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script EPSS 0.6%CVE-2023-26446MEDIUMThe users clientID at "application passwords" was not sanitized or escaped before being added to DOM. Malicious script code can be executed EPSS 0.6%CVE-2023-26438MEDIUMExternal service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cEPSS 0.5%CVE-2023-29046MEDIUMConnections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connectioEPSS 0.5%CVE-2023-26439HIGHThe cacheservice API could be abused to inject parameters with SQL syntax which was insufficiently sanitized before getting executed as SQL EPSS 0.4%