{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev01" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev02" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev03" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev05" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev06" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev07" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev08" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "7.10.6-rev09" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "7.10.6" }, { "introduced": "0" }, { "last_affected": "7.10.6-NA" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev10" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev11" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev12" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev13" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev14" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev15" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev16" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev17" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev18" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev19" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev20" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev21" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev22" }, { "introduced": "0" }, { "last_affected": "7.10.6-rev23" } ] }, "events": [ { "introduced": "0" }, { "fixed": "489e7d0bf2bb0dc4c984860c4ce6f4d772086875" }, { "introduced": "0" }, { "last_affected": "489e7d0bf2bb0dc4c984860c4ce6f4d772086875" }, { "introduced": "0" }, { "last_affected": "3bf675812dfb666d3dc1bacfc72ed6ba4f19643f" }, { "introduced": "0" }, { "last_affected": "cda1b78b8fa8d35a1602003a9d90fddef2461694" }, { "introduced": "0" }, { "last_affected": "726dba94c43ad95f10aadd3e6ac2bbe4debf4347" }, { "introduced": "0" }, { "last_affected": "22378bdb996bcf376a5122b6f001c7c7c7b7088b" }, { "introduced": "0" }, { "last_affected": "3390ea1e54eab7c269d5e5f2e6791f36cf1ebff8" }, { "introduced": "0" }, { "last_affected": "281ea2f50a7c2c686d66b51e4c8782f6fa5ce75f" }, { "introduced": "0" }, { "last_affected": "065be8690dd07bd17ab711961085b4350dcbd7e2" }, { "introduced": "0" }, { "last_affected": "41eee98c698de20700aa45222fdefebc86fee3db" }, { "introduced": "0" }, { "last_affected": "4703ef3de5fb9e5c9187a33edfba8867561f2fe2" }, { "introduced": "0" }, { "last_affected": "7bfa5af1d7745d2ec61a8537c56734dc809c2e34" }, { "introduced": "0" }, { "last_affected": "3e8727d4155bd7aa6c1c45fc73e7bae75d6c7792" }, { "introduced": "0" }, { "last_affected": "7478627b8aa3e8da77d9ac54788ebb6e163ebbf0" }, { "introduced": "0" }, { "last_affected": "ea2365c9bde278334ffb54d6b34a1f7ef0a0c884" }, { "introduced": "0" }, { "last_affected": "021e33ad79d579d1aafd21fde5da27ab133bdfd1" } ], "repo": "https://github.com/open-xchange/appsuite-frontend", "type": "GIT" } ] } ], "details": "OX App Suite before frontend 7.10.6-rev24 allows XSS via data to the Tumblr portal widget, such as a post title.", "id": "CVE-2023-24602", "modified": "2026-03-13T21:48:49.422548703Z", "published": "2023-05-29T03:15:09.717Z", "references": [ { "type": "WEB", "url": "https://open-xchange.com" }, { "type": "ADVISORY", "url": "http://seclists.org/fulldisclosure/2023/May/3" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }