CVE

Id
76294  
CVE No.
CVE-2014-8993  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev40, 7.6.0 before 7.6.0-rev32, and 7.6.1 before 7.6.1-rev11 allows remote attackers to inject arbitrary web script or HTML via a crafted XHTML file with the application/xhtml+xml MIME type.  
Phase
Assigned (20141119)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
703272 76294 CVE-2014-8993 BUGTRAQ:20150105 Open-Xchange Security Advisory 2015-01-05  View
703273 76294 CVE-2014-8993 URL:http://www.securityfocus.com/archive/1/archive/1/534383/100/0/threaded  View
703274 76294 CVE-2014-8993 MISC:http://packetstormsecurity.com/files/129811/Open-Xchange-Server-6-OX-AppSuite-7.6.1-Cross-Site-Scripting.html  View
703275 76294 CVE-2014-8993 SECTRACK:1031488  View
703276 76294 CVE-2014-8993 URL:http://www.securitytracker.com/id/1031488  View
703277 76294 CVE-2014-8993 SECUNIA:62031  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
16692 JVNDB-2014-005567 Incredible PBX の reminders/index.php における任意のコマンドを実行される脆弱性 Incredible PBX の reminders/index.php には、任意のコマンドを実行される脆弱性が存在します。 CVE-2014-9001 76294 6.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005567.html  View