CVE-2022-43697

Source
https://cve.org/CVERecord?id=CVE-2022-43697
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43697.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-43697
Published
2023-04-15T00:00:00Z
Modified
2026-07-15T02:06:42.559931857Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/43xxx/CVE-2022-43697.json",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "7.10.6-rev30"
                }
            ],
            "source": "DESCRIPTION"
        }
    ],
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/open-xchange/appsuite-frontend

Affected ranges

Type
GIT
Repo
https://github.com/open-xchange/appsuite-frontend
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Last affected
Database specific
{
    "cpe": [
        "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev24:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev25:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev26:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev27:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev28:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev29:*:*:*:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.10.6"
        },
        {
            "introduced": "7.10.6-NA"
        },
        {
            "last_affected": "7.10.6-NA"
        },
        {
            "introduced": "7.10.6-rev10"
        },
        {
            "last_affected": "7.10.6-rev10"
        },
        {
            "introduced": "7.10.6-rev11"
        },
        {
            "last_affected": "7.10.6-rev11"
        },
        {
            "introduced": "7.10.6-rev12"
        },
        {
            "last_affected": "7.10.6-rev12"
        },
        {
            "introduced": "7.10.6-rev13"
        },
        {
            "last_affected": "7.10.6-rev13"
        },
        {
            "introduced": "7.10.6-rev14"
        },
        {
            "last_affected": "7.10.6-rev14"
        },
        {
            "introduced": "7.10.6-rev15"
        },
        {
            "last_affected": "7.10.6-rev15"
        },
        {
            "introduced": "7.10.6-rev16"
        },
        {
            "last_affected": "7.10.6-rev16"
        },
        {
            "introduced": "7.10.6-rev17"
        },
        {
            "last_affected": "7.10.6-rev17"
        },
        {
            "introduced": "7.10.6-rev18"
        },
        {
            "last_affected": "7.10.6-rev18"
        },
        {
            "introduced": "7.10.6-rev19"
        },
        {
            "last_affected": "7.10.6-rev19"
        },
        {
            "introduced": "7.10.6-rev20"
        },
        {
            "last_affected": "7.10.6-rev20"
        },
        {
            "introduced": "7.10.6-rev21"
        },
        {
            "last_affected": "7.10.6-rev21"
        },
        {
            "introduced": "7.10.6-rev22"
        },
        {
            "last_affected": "7.10.6-rev22"
        },
        {
            "introduced": "7.10.6-rev23"
        },
        {
            "last_affected": "7.10.6-rev23"
        },
        {
            "introduced": "7.10.6-rev24"
        },
        {
            "last_affected": "7.10.6-rev24"
        },
        {
            "introduced": "7.10.6-rev25"
        },
        {
            "last_affected": "7.10.6-rev25"
        },
        {
            "introduced": "7.10.6-rev26"
        },
        {
            "last_affected": "7.10.6-rev26"
        },
        {
            "introduced": "7.10.6-rev27"
        },
        {
            "last_affected": "7.10.6-rev27"
        },
        {
            "introduced": "7.10.6-rev28"
        },
        {
            "last_affected": "7.10.6-rev28"
        },
        {
            "introduced": "7.10.6-rev29"
        },
        {
            "last_affected": "7.10.6-rev29"
        }
    ]
}

Affected versions

7.*
7.10.0-0
7.10.0-2
7.10.3-0
7.10.4-0
7.10.4-1
7.10.5-0
7.10.5-1
7.10.5-2
7.10.6-21
7.10.6-29
7.10.6-NA
7.10.6-rev10
7.10.6-rev11
7.10.6-rev12
7.10.6-rev13
7.10.6-rev14
7.10.6-rev15
7.10.6-rev16
7.10.6-rev17
7.10.6-rev18
7.10.6-rev19
7.10.6-rev20
7.10.6-rev21
7.10.6-rev22
7.10.6-rev23
7.10.6-rev24
7.10.6-rev25
7.10.6-rev26
7.10.6-rev27
7.10.6-rev28
7.10.6-rev29
7.4.1-6
7.6.2-13
7.6.2-16
7.6.2-18
7.6.2-19
7.6.2-22
7.6.2-23
7.6.2-24
7.8.0-10
7.8.0-11
7.8.0-12
7.8.0-19
7.8.0-7
7.8.0-8
7.8.1-10
7.8.1-11
7.8.1-14
7.8.2-14
7.8.2-16
7.8.2-5
7.8.2-6
7.8.2-7
7.8.2-9
7.8.3-10
7.8.3-9
Other
as-next

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-43697.json"