Open-Xchange OX App Suite Redressing Attack Vulnerability

Vulnerability

A vulnerability allows malicious email content to execute a redressing attack, potentially leading users to perform unintended actions or disclose sensitive information to third parties, which could facilitate further threats. This issue affects Open-Xchange OX App Suite backend versions 7.6.3-rev77, 8.35.111, 8.38.82, 8.39.79, and 8.40.57, as well as OX App Suite uimiddleware versions 2.1.7 and 2.1.8. The vulnerability arises from improper restriction of rendered UI layers, enabling spoofing and redressing attacks.

Impact

Exploitation of this vulnerability could trick users into performing unintended actions or sharing sensitive information with third parties, potentially leading to additional threats.

Remediation

Users can update to OX App Suite backend versions 7.6.3-rev78, 8.35.112, 8.38.83, 8.39.80, or 8.40.58. For OX App Suite uimiddleware, version 2.1.8 should be deployed.

Added: Oct 31, 2025, 9:19 AM
Updated: Oct 31, 2025, 9:19 AM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 3.1
exploitability: 6.5
remediation: 7.7
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.