CVE-2023-29052

Source
https://cve.org/CVERecord?id=CVE-2023-29052
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29052.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-29052
Published
2024-01-08T09:15:20.680Z
Modified
2026-04-10T04:57:04.660736Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added sanitization for this content. No publicly available exploits are known.

References

Affected packages

Git / github.com/open-xchange/appsuite-frontend

Affected ranges

Type
GIT
Repo
https://github.com/open-xchange/appsuite-frontend
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev13"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev14"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev15"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev16"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev17"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev18"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev19"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev20"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev21"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev22"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev23"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev24"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev25"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev26"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev27"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev28"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev29"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev30"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev31"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev32"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev33"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.10.6-rev34"
        }
    ]
}

Affected versions

7.*
7.10.0-0
7.10.0-2
7.10.3-0
7.10.4-0
7.10.4-1
7.10.5-0
7.10.5-1
7.10.5-2
7.10.6-0
7.10.6-10
7.10.6-11
7.10.6-12
7.10.6-13
7.10.6-14
7.10.6-15
7.10.6-16
7.10.6-17
7.10.6-18
7.10.6-19
7.10.6-20
7.10.6-21
7.10.6-22
7.10.6-23
7.10.6-24
7.10.6-25
7.10.6-26
7.10.6-27
7.10.6-28
7.10.6-29
7.10.6-30
7.10.6-31
7.10.6-32
7.10.6-33
7.10.6-34
7.4.1-6
7.6.2-13
7.6.2-16
7.6.2-18
7.6.2-19
7.6.2-22
7.6.2-23
7.6.2-24
7.8.0-10
7.8.0-11
7.8.0-12
7.8.0-19
7.8.0-7
7.8.0-8
7.8.1-10
7.8.1-11
7.8.1-14
7.8.2-14
7.8.2-16
7.8.2-5
7.8.2-6
7.8.2-7
7.8.2-9
7.8.3-10
7.8.3-9
Other
as-next

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29052.json"
unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev01"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev02"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev03"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev05"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev06"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev07"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev08"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.10.6-rev09"
            }
        ]
    }
]