2 matches found
CVE-2021-23927
OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request...
CVE-2021-23927
OX App Suite up to version 7.10.4 is vulnerable to server-side request forgery (SSRF) when a URL containing an @ character is used in a PUT request to appsuite/api/oauth/proxy. The root cause is described as an SSRF flaw in the handling of such URLs, exposing potential unintended requests from th...