CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-41703

User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avoid potentially malicious content. No publicly available exploits are known.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.2%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2023-41703

Open-Xchange » Open-Xchange Appsuite » Version: 6.20.7

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.20.7
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.0
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.1
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.3
Open-Xchange » Open-Xchange Appsuite » Version: 6.22.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.4
Open-Xchange » Open-Xchange Appsuite » Version: 7.0.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.0.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.4
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.5

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5
Open-Xchange » Open-Xchange Appsuite » Version: 7.10.6

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.6
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.2.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.4.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.6.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.6.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.0

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.0
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.1

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.1
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.2
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.3

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.3
Open-Xchange » Open-Xchange Appsuite » Version: 7.8.4

cpe:2.3:a:open-xchange:open-xchange_appsuite:7.8.4
Open-Xchange » Open-Xchange Appsuite » Version: 8.2

cpe:2.3:a:open-xchange:open-xchange_appsuite:8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-41703

Products

Pricing

Contact Us