CVE-2022-43697 — Vulnetix

CVE-2022-43697 PUBLISHED CVSS 6.099999904632568 MEDIUM

OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob.

EPSS 0.23% · 46.5th percentile

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.23%

46.5th percentile

Affected Products

Vendor	Product	Versions
open-xchange	ox_app_suite	0, 7.10.6, 7.10.6
n/a	n/a	n/a

Exploit Intelligence

https://open-xchange.com (circl)
https://seclists.org/fulldisclosure/2023/Feb/3 (circl)

Timeline

Nov 1, 2022 CVE Published
Apr 15, 2023 EPSS Score
May 23, 2023 EPSS Score
Jun 29, 2023 EPSS Score
Aug 6, 2023 EPSS Score
Sep 12, 2023 EPSS Score
Oct 20, 2023 EPSS Score
Nov 27, 2023 EPSS Score
Jan 3, 2024 EPSS Score
Jan 22, 2024 CVE Updated
Feb 10, 2024 EPSS Score
Mar 19, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›