
Test ID: 1.3.6.1.4.1.25623.1.0.806068
Category: Web application abuses
Title: Open-Xchange (OX) App Suite Multiple Vulnerabilities - 01 (Oct 2015)
Summary: Open-Xchange (OX) App Suite is prone to multiple vulnerabilities.
Description:
Summary:
Open-Xchange (OX) App Suite is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Insufficient sanitization of user-supplied input via a folder publication name

- Insufficient sanitization of user-supplied input via vectors related to unspecified fields in
RSS feeds

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary
HTML and script code in a user's browser session in the context of the affected site, potentially
allowing the attacker to steal cookie-based authentication credentials and control how the site is
rendered to the user. Other attacks are also possible.

Affected Software/OS:
Open-Xchange (OX) App Suite versions before 7.4.2-rev33 and
7.6.x before 7.6.0-rev16.

Solution:
Update to version 7.4.2-rev33, 7.6.0-rev16 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2014-5234
BugTraq ID: 69796
http://www.securityfocus.com/bid/69796
Bugtraq: 20140915 Open-Xchange Security Advisory 2014-09-15
http://www.securityfocus.com/archive/1/533443/100/0/threaded
http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html
http://secunia.com/advisories/61080
Common Vulnerability Exposure (CVE) ID: CVE-2014-5235
BugTraq ID: 69792
http://www.securityfocus.com/bid/69792
Copyright: Copyright (C) 2015 Greenbone Networks GmbH





© 1998-2025 E-Soft Inc. All rights reserved.