CVE-2021-28060
The supplied connected sources confirm CVE-2021-28060 is a Server-Side Request Forgery in Group Office 6.4.196, allowing a remote attacker to forge GET requests to arbitrary URLs using the url parameter of group/api/upload.php. Core details provided: affected software is Group Office CRM (version...