Internal reference: OXUIB-2599
Type: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Component: frontend
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite frontend 7.10.6-rev38
First fixed revision: OX App Suite frontend 7.10.6-rev39
Discovery date: 2023-10-18
Solution date: 2023-12-01
Disclosure date: 2023-12-11
CVE: CVE-2023-41708
CVSS: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Details:
XSS using script code as module at app loader. References to the "app loader" functionality could contain redirects to unexpected locations.

Risk:
Attackers could forge app references that bypass existing safeguards to inject malicious script code. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases. References to apps are now validated more strictly, and relative references are rejected.

---

Internal reference: MWB-2366
Type: CWE-400 (Uncontrolled Resource Consumption)
Component: backend
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite backend 7.10.6-rev55, OX App Suite backend 7.6.3-rev71, OX App Suite backend 8.19
First fixed revision: OX App Suite backend 7.10.6-rev56, OX App Suite backend 7.6.3-rev72, OX App Suite backend 8.20
Discovery date: 2023-11-02
Solution date: 2023-12-05
Disclosure date: 2023-12-11
CVE: CVE-2023-41707
CVSS: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Details:
Excessive resource usage through mail search regex. Processing of user-defined mail search expressions is not limited.

Risk:
Availability of OX App Suite could be reduced due to high processing load. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases. Processing time of mail search expressions is now monitored, and the related request is terminated if a resource threshold is reached.
---

Internal reference: MWB-2367
Type: CWE-400 (Uncontrolled Resource Consumption)
Component: backend
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite backend 7.10.6-rev55, OX App Suite backend 7.6.3-rev71, OX App Suite backend 8.19
First fixed revision: OX App Suite backend 7.10.6-rev56, OX App Suite backend 7.6.3-rev72, OX App Suite backend 8.20
Discovery date: 2023-11-02
Solution date: 2023-12-01
Disclosure date: 2023-12-11
CVE: CVE-2023-41706
CVSS: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Details:
Excessive resource usage through drive search regex. Processing of user-defined drive search expressions is not limited.

Risk:
Availability of OX App Suite could be reduced due to high processing load. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases. Processing time of drive search expressions is now monitored, and the related request is terminated if a resource threshold is reached.

---

Internal reference: MWB-2392
Type: CWE-400 (Uncontrolled Resource Consumption)
Component: backend
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite backend 7.10.6-rev55, OX App Suite backend 7.6.3-rev71, OX App Suite backend 8.20
First fixed revision: OX App Suite backend 7.10.6-rev56, OX App Suite backend 7.6.3-rev72, OX App Suite backend 8.21
Discovery date: 2023-11-28
Solution date: 2023-12-06
Disclosure date: 2023-12-11
CVE: CVE-2023-41705
CVSS: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Details:
High resource consumption by manipulated DAV user-agent strings. Processing of user-defined DAV user-agent strings is not limited.

Risk:
Availability of OX App Suite could be reduced due to high processing load. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases.
Processing time of DAV user-agent strings is now monitored, and the related request is terminated if a resource threshold is reached.

---

Internal reference: MWB-2393
Type: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Component: backend
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite backend 7.10.6-rev55, OX App Suite backend 7.6.3-rev71, OX App Suite backend 8.20
First fixed revision: OX App Suite backend 7.10.6-rev56, OX App Suite backend 7.6.3-rev72, OX App Suite backend 8.21
Discovery date: 2023-11-28
Solution date: 2023-12-06
Disclosure date: 2023-12-11
CVE: CVE-2023-41704
CVSS: 7.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)

Details:
XSS at E-Mail using CSS CID replacement. Processing of CID references in E-Mails can be abused to inject malicious script code that passes the sanitization engine.

Risk:
Malicious script code could be injected into a user's session when interacting with E-Mails. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases. CID handling has been improved, and the resulting content is checked for malicious content.

---

Internal reference: DOCS-4483
Type: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
Component: office
Report confidence: Confirmed
Solution status: Fixed by vendor
Last affected revision: OX App Suite office 7.10.6-rev9, OX App Suite office 8.19
First fixed revision: OX App Suite office 7.10.6-rev10, OX App Suite office 8.20
Discovery date: 2022-05-19
Solution date: 2022-05-23
Disclosure date: 2023-12-11
CVE: CVE-2023-41703
CVSS: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Details:
User IDs of mentions are not saved correctly after editing a comment with mentions. User ID references in mentions within document comments were not correctly sanitized.
Risk:
Script code could be injected into a user's session when working with a malicious document. No publicly available exploits are known.

Solution:
Please deploy the provided updates and patch releases. User-defined content such as comments and mentions is now filtered to avoid potentially malicious content.
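The three CWE-400 entries in this advisory (MWB-2366, MWB-2367 and MWB-2392) share the same remedy: the time spent processing a user-controlled expression is monitored, and the request is terminated once a resource threshold is reached. The block below is an added example of that pattern for a user-supplied search regex. It is not OX App Suite code (the OX backend is Java; this is a Python illustration of the idea), and the names `guarded_search`, `SearchResult` and the sample inputs are constructed for the example. The match runs in a worker process that is killed when the budget is spent, because CPython's `re` has no timeout and does not service signals while a match is in progress, so an in-process timer cannot interrupt it.

```python
"""Bounding the processing time of a user-supplied search expression.

Added illustration, not OX App Suite code: the pattern is evaluated in a
worker process that is killed once the request's time budget is spent, so
a catastrophically backtracking expression cannot hold the server.
"""
import multiprocessing as mp
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class SearchResult:
    matched: Optional[bool]      # None when the request was terminated or failed
    timed_out: bool = False
    error: Optional[str] = None  # compile error text, if any


def _evaluate(pattern: str, text: str, conn) -> None:
    """Child-process body: run the match and report the outcome over the pipe."""
    try:
        conn.send(("ok", re.search(pattern, text) is not None))
    except re.error as exc:
        conn.send(("error", str(exc)))
    finally:
        conn.close()


def _context():
    # Assumption: a POSIX host, where "fork" avoids re-importing this module in
    # the child. Fall back to the platform default where fork is unavailable.
    try:
        return mp.get_context("fork")
    except ValueError:
        return mp.get_context()


def guarded_search(pattern: str, text: str, budget_seconds: float = 0.5) -> SearchResult:
    """Evaluate `pattern` against `text`; terminate the work after `budget_seconds`."""
    ctx = _context()
    reader, writer = ctx.Pipe(duplex=False)
    worker = ctx.Process(target=_evaluate, args=(pattern, text, writer), daemon=True)
    worker.start()
    writer.close()                  # only the child keeps the write end open
    worker.join(budget_seconds)
    try:
        if worker.is_alive():
            worker.kill()           # resource threshold reached: drop the request
            worker.join()
            return SearchResult(matched=None, timed_out=True)
        try:
            status, payload = reader.recv()
        except EOFError:            # child exited without reporting a result
            return SearchResult(matched=None, error="worker exited without a result")
    finally:
        reader.close()
    if status == "error":
        return SearchResult(matched=None, error=payload)
    return SearchResult(matched=payload)


if __name__ == "__main__":
    # Constructed inputs: an ordinary search, then a pattern that backtracks
    # exponentially against a string that can never match it.
    print(guarded_search(r"invoice", "please find the invoice attached"))
    print(guarded_search(r"(a+)+$", "a" * 32 + "!", budget_seconds=0.5))
```

The budget should be charged per request and the terminated cases logged, since an account that repeatedly hits the threshold is itself worth alerting on. Cheaper complements are a maximum expression length and, where the required feature set allows, a linear-time (RE2-style) engine; neither replaces the hard stop, which is what keeps a single request from consuming the server.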