2 matches found
CVE-2020-24700
OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring...
CVE-2020-24700
OX App Suite (Open-Xchange) up to 7.10.3 is affected by a Server-Side Request Forgery (SSRF) in the backend where GET requests to arbitrary domains can be triggered via an initial autoconfig substring. The issue is documented across multiple sources (NVD, Red Hat, PacketStorm) and centers on the ...