Share:

CVE-2021-23927 - Open-xchange Open-xchange Appsuite

January 13, 2021

Moderate 6.4

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.

Affected software

Open-xchange Open-xchange Appsuite

Reference links

https://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.