Home

Description

Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to perform unintended actions or provide sensitive information to a third party which would enable further threats. Attribute values containing HTML fragments are now denied by the sanitization procedure. No publicly available exploits are known

PUBLISHED Reserved 2025-03-18 | Published 2025-10-31 | Updated 2025-10-31 | Assigner OX




MEDIUM: 5.4CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Problem types

Improper Restriction of Rendered UI Layers or Frames

Product status

Default status
unaffected

Any version
affected

Any version
affected

Any version
affected

Any version
affected

Any version
affected

References

documentation.open-xchange.com/...25/oxas-adv-2025-0002.json vendor-advisory

cve.org (CVE-2025-30191)

nvd.nist.gov (CVE-2025-30191)

Download JSON