CVE-2016-4048

Published: Dec 15, 2016Modified: May 6, 2026

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can be abused to inject arbitrary text messages. Users may get tricked to follow instructions injected by third parties as part of social engineering attacks.

Affected (1)

Products: Open Xchange: Open Xchange Appsuite

1 product

Open Xchange Appsuite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Open Xchange Open Xchange Appsuite	Up to 7.8.1

References (4)

http://www.securityfocus.com/archive/1/538732/100/0/threaded

Source: cve@mitre.org

http://www.securitytracker.com/id/1036157

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/archive/1/538732/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1036157

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.