CVE-2021-38375

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-38375

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38375.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-38375

Published

2021-11-22T09:15:07.437Z

Modified

2026-03-15T14:44:57.321669Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e-mail message.

References

Affected packages

Git / github.com/open-xchange/appsuite-frontend

Affected ranges

Type

GIT

Repo

https://github.com/open-xchange/appsuite-frontend

Events

Introduced

Last affected

8f2d6a4b3a99c89f1e86029efca0c740f0e9966b

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.5"
        }
    ]
}

Affected versions

7.*

7.0.0-10

7.0.0-11

7.0.0-12

7.0.0-8

7.0.0-9

7.0.1-1

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.10.0-0

7.10.0-10

7.10.0-2

7.10.0-3

7.10.0-4

7.10.0-5

7.10.0-6

7.10.0-7

7.10.0-8

7.10.0-9

7.10.1-1

7.10.1-2

7.10.1-3

7.10.1-4

7.10.2-1

7.10.2-2

7.10.2-3

7.10.3-0

7.10.3-1

7.10.3-2

7.10.3-3

7.10.4-0

7.10.4-1

7.10.4-2

7.10.4-3

7.10.4-4

7.10.4-5

7.10.4-6

7.10.5-0

7.2.0-1

7.2.0-2

7.2.0-3

7.2.0-4

7.2.0-5

7.2.0-6

7.2.1-1

7.2.1-2

7.2.1-3

7.2.1-4

7.2.1-5

7.2.1-6

7.2.2-1

7.2.2-11

7.2.2-12

7.2.2-13

7.2.2-14

7.2.2-15

7.2.2-16

7.2.2-17

7.2.2-18

7.2.2-19

7.2.2-2

7.2.2-20

7.2.2-3

7.2.2-4

7.2.2-5

7.2.2-6

7.2.2-7

7.2.2-8

7.2.2-9

7.4.0-1

7.4.0-10

7.4.0-11

7.4.0-12

7.4.0-13

7.4.0-14

7.4.0-15

7.4.0-16

7.4.0-17

7.4.0-18

7.4.0-19

7.4.0-2

7.4.0-3

7.4.0-4

7.4.0-5

7.4.0-6

7.4.0-7

7.4.0-8

7.4.0-9

7.4.1-1

7.4.1-10

7.4.1-11

7.4.1-2

7.4.1-3

7.4.1-4

7.4.1-5

7.4.1-6

7.4.1-7

7.4.1-8

7.4.1-9

7.4.2-1

7.4.2-10

7.4.2-11

7.4.2-12

7.4.2-13

7.4.2-14

7.4.2-15

7.4.2-16

7.4.2-17

7.4.2-18

7.4.2-19

7.4.2-2

7.4.2-20

7.4.2-21

7.4.2-22

7.4.2-23

7.4.2-24

7.4.2-25

7.4.2-26

7.4.2-27

7.4.2-28

7.4.2-29

7.4.2-3

7.4.2-4

7.4.2-5

7.4.2-6

7.4.2-7

7.4.2-8

7.4.2-9

7.6.0-1

7.6.0-10

7.6.0-11

7.6.0-12

7.6.0-13

7.6.0-14

7.6.0-15

7.6.0-16

7.6.0-17

7.6.0-2

7.6.0-3

7.6.0-4

7.6.0-5

7.6.0-6

7.6.0-7

7.6.0-8

7.6.0-9

7.6.1-1

7.6.1-10

7.6.1-11

7.6.1-12

7.6.1-13

7.6.1-14

7.6.1-15

7.6.1-16

7.6.1-17

7.6.1-18

7.6.1-19

7.6.1-2

7.6.1-20

7.6.1-21

7.6.1-22

7.6.1-23

7.6.1-24

7.6.1-25

7.6.1-26

7.6.1-3

7.6.1-4

7.6.1-5

7.6.1-6

7.6.1-7

7.6.1-8

7.6.1-9

7.6.2-1

7.6.2-10

7.6.2-11

7.6.2-12

7.6.2-13

7.6.2-14

7.6.2-15

7.6.2-16

7.6.2-17

7.6.2-18

7.6.2-19

7.6.2-2

7.6.2-20

7.6.2-21

7.6.2-22

7.6.2-23

7.6.2-24

7.6.2-25

7.6.2-26

7.6.2-27

7.6.2-28

7.6.2-29

7.6.2-3

7.6.2-4

7.6.2-5

7.6.2-6

7.6.2-7

7.6.2-8

7.6.2-9

7.8.0-1

7.8.0-2

7.8.0-3

7.8.0-4

7.8.0-5

7.8.0-6

7.8.0-7

7.8.0-8

7.8.0-9

7.8.1-1

7.8.1-2

7.8.1-3

7.8.1-4

7.8.1-5

7.8.1-6

7.8.1-7

7.8.2-1

7.8.2-2

7.8.2-3

7.8.2-4

7.8.3-1

7.8.3-2

7.8.3-3

7.8.3-4

7.8.3-5

7.8.4-1

7.8.4-2

7.8.4-3

Other

Test

sprint_20

sprintreview_2013_07_12

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38375.json"