4 matches found
OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...
CVE-2019-18846
OX App Suite through 7.10.2 allows SSRF...
CVE-2019-18846
OX App Suite/OX Documents 7.10.2 and earlier are affected by a Server-Side Request Forgery (SSRF) in the attachment API for Calendar/Tasks, where references to attachments could bypass host/protocol checks and cause content from local files or URLs to be added as attachments. Root cause: insuffic...
Open-Xchange App Suite / Documents Server-Side Request Forgery
Product: OX App Suite / OX Documents Vendor: OX Software GmbH Internal reference: 67871, 68258 Bug ID Vulnerability type: Server-Side Request Forgery CWE-918 Vulnerable version: 7.10.2 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed...