Open-xchange Ox_guard

11 CVEs affecting Open-xchange Ox_guard. Latest disclosed: 2023-11-02. Critical: 0, High: 4.

Top CVEs affecting Open-xchange Ox_guard
CVESeverityScorePublishedSummary
CVE-2018-10986High8.82019-07-03OX Guard 2.8.0 has CSRF.
CVE-2015-8542High8.82016-12-15An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after…
CVE-2020-28944High7.52021-04-30OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
CVE-2016-4028High7.52016-12-15An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. T…
CVE-2020-9426Medium6.12020-06-15OX Guard 2.10.3 and earlier allows XSS.
CVE-2016-6854Medium6.12016-12-15An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verif…
CVE-2016-6853Medium6.12016-12-15An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public…
CVE-2016-6851Medium6.12016-12-15An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code can be provided as parameter to the OX Guard guest reader web application. This…
CVE-2023-26456Medium5.42023-11-02Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, al…
CVE-2020-9427Medium5.02020-06-15OX Guard 2.10.3 and earlier allows SSRF.
CVE-2015-73852015-11-19Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid…