CVE-2022-37308

Published: Dic 26, 2022 Last Modified: Apr 14, 2025 EU-VD ID: EUVD-2022-39944 Aliases: GSD-2022-37308
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,1
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: changed
Confidentiality: low
Integrity: low
Availability: none

Description

AI Translation Available

OX App Suite through 7.10.6 allows XSS via HTML in text/plain e-mail messages.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0083
Percentile
0,7th
Updated

EPSS Score Trend (Last 90 Days)

79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Confidentiality Integrity Availability
Potential Impacts:
Bypass Protection Mechanism Read Application Data Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies: AI/ML, Web Based, Web Server
Likelihood of Exploit: High
View CWE Details
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6003:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6133:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6072:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6112:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6008:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6046:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6051:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6069:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6080:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6068:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6121:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6060:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5994:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6053:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5961:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6120:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6026:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6016:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6034:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6020:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6111:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6101:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5982:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6000:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6029:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6073:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6132:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version Range Affected
To 7.10.5 (exclusive)
cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6092:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6010:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6137:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6146:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6149:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6066:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6035:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6084:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5989:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6102:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6085:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5976:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6061:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6141:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5973:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6148:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6079:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6150:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6093:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6147:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6140:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.6
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6:patch_release_6138:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6038:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Open-Xchange Appsuite by Open-Xchange

Product Information
Vendor Open-Xchange
Product Open-Xchange Appsuite
Version 7.10.5
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://open-xchange.com
Vendor Advisory
https://open-xchange.com
https://seclists.org/fulldisclosure/2022/Nov/18
Exploit Mailing List Third Party Advisory
https://seclists.org/fulldisclosure/2022/Nov/18
https://open-xchange.com
Vendor Advisory
https://open-xchange.com
https://seclists.org/fulldisclosure/2022/Nov/18
Exploit Mailing List Third Party Advisory
https://seclists.org/fulldisclosure/2022/Nov/18