3 matches found
UBUNTU-CVE-2021-22132
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
OX App Suite Server-Side Request Forgery Vulnerability (CNVD-2020-13202)
Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A server-side request forgery vulnerability exists in OX App Suite 7.10.2 and earlier versions. No detailed...
CVE-2019-14225
OX App Suite 7.10.1 and 7.10.2 allows SSRF...