CVE-2023-24597

Source
https://cve.org/CVERecord?id=CVE-2023-24597
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24597.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-24597
Published
2023-05-29T00:00:00Z
Modified
2026-07-15T02:08:04.727170031Z
Summary
[none]
Details

OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's remote resources during printing.

Database specific
{
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/24xxx/CVE-2023-24597.json"
}
References

Affected packages

Git / github.com/open-xchange/appsuite-frontend

Affected ranges

Type
GIT
Repo
https://github.com/open-xchange/appsuite-frontend
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Last affected
Database specific
{
    "cpe": [
        "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
        "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*"
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.10.6"
        },
        {
            "introduced": "7.10.6-NA"
        },
        {
            "last_affected": "7.10.6-NA"
        },
        {
            "introduced": "7.10.6-rev10"
        },
        {
            "last_affected": "7.10.6-rev10"
        },
        {
            "introduced": "7.10.6-rev11"
        },
        {
            "last_affected": "7.10.6-rev11"
        },
        {
            "introduced": "7.10.6-rev12"
        },
        {
            "last_affected": "7.10.6-rev12"
        },
        {
            "introduced": "7.10.6-rev13"
        },
        {
            "last_affected": "7.10.6-rev13"
        },
        {
            "introduced": "7.10.6-rev14"
        },
        {
            "last_affected": "7.10.6-rev14"
        },
        {
            "introduced": "7.10.6-rev15"
        },
        {
            "last_affected": "7.10.6-rev15"
        },
        {
            "introduced": "7.10.6-rev16"
        },
        {
            "last_affected": "7.10.6-rev16"
        },
        {
            "introduced": "7.10.6-rev17"
        },
        {
            "last_affected": "7.10.6-rev17"
        },
        {
            "introduced": "7.10.6-rev18"
        },
        {
            "last_affected": "7.10.6-rev18"
        },
        {
            "introduced": "7.10.6-rev19"
        },
        {
            "last_affected": "7.10.6-rev19"
        },
        {
            "introduced": "7.10.6-rev20"
        },
        {
            "last_affected": "7.10.6-rev20"
        },
        {
            "introduced": "7.10.6-rev21"
        },
        {
            "last_affected": "7.10.6-rev21"
        },
        {
            "introduced": "7.10.6-rev22"
        },
        {
            "last_affected": "7.10.6-rev22"
        },
        {
            "introduced": "7.10.6-rev23"
        },
        {
            "last_affected": "7.10.6-rev23"
        }
    ]
}

Affected versions

7.*
7.10.0-0
7.10.0-2
7.10.3-0
7.10.4-0
7.10.4-1
7.10.5-0
7.10.5-1
7.10.5-2
7.10.6-21
7.10.6-23
7.10.6-NA
7.10.6-rev10
7.10.6-rev11
7.10.6-rev12
7.10.6-rev13
7.10.6-rev14
7.10.6-rev15
7.10.6-rev16
7.10.6-rev17
7.10.6-rev18
7.10.6-rev19
7.10.6-rev20
7.10.6-rev21
7.10.6-rev22
7.10.6-rev23
7.4.1-6
7.6.2-13
7.6.2-16
7.6.2-18
7.6.2-19
7.6.2-22
7.6.2-23
7.6.2-24
7.8.0-10
7.8.0-11
7.8.0-12
7.8.0-19
7.8.0-7
7.8.0-8
7.8.1-10
7.8.1-11
7.8.1-14
7.8.2-14
7.8.2-16
7.8.2-5
7.8.2-6
7.8.2-7
7.8.2-9
7.8.3-10
7.8.3-9
Other
as-next

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24597.json"