CVE-2016-4048

MEDIUM Year: 2016
CVSS v3 Score
4.3
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can be abused to inject arbitrary text messages. Users may get tricked to follow instructions injected by third parties as part of social engineering attacks.

Related Vulnerabilities

CVE-2011-4820

MEDIUM
CVSS:4.3(Medium)

IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences.

NVD-CWE-Other2011

CVE-2015-1971

MEDIUM
CVSS:4.3(Medium)

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manag...

NVD-CWE-Other2015

CVE-2015-6479

MEDIUM
CVSS:4.3(Medium)

ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover poten...

NVD-CWE-Other2015

CVE-2016-0162

MEDIUM
CVSS:4.3(Medium)

Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."

NVD-CWE-Other2016

CVE-2016-11050

MEDIUM
CVSS:4.3(Medium)

An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016...

NVD-CWE-Other2016

CVE-2016-3422

MEDIUM
CVSS:4.3(Medium)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.

NVD-CWE-Other2016