Showing 1 - 1 of 1

CVE-2024-23188

Status Candidate

Overview

Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the users browser session. Common user interaction is required for the vulnerability to trigger. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. We now use safer methods of handling external content when embedding attachment information to the web interface. No publicly available exploits are known.

Related Files

OX App Suite 8.21 Cross Site Scripting / Information Disclosure: Posted May 7, 2024; Authored by Martin Heiland; OX App Suite version 8.21 cross site scripting and information disclosure vulnerabilities.; tags | advisory, vulnerability, xss, info disclosure; advisories | CVE-2024-23186, CVE-2024-23187, CVE-2024-23188, CVE-2024-23193; SHA-256 | ab18d35bc5d3677af88f7c327825d1007c6a7376fe5c5b0c3ee1c6a433e1e8b7; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 254 files
Ubuntu 57 files
Gentoo 33 files
Debian 24 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Google Security Research 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,048)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,846)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,952)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,535)
UNIX (9,409)
UnixWare (187)
Windows (6,660)
Other

CVE-2024-23188

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems