OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.
References
Link | Resource |
---|---|
https://seclists.org/fulldisclosure/2020/Oct/20 | Exploit Mailing List Third Party Advisory |
https://www.open-xchange.com/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-23T04:51:42
Updated: 2020-10-23T04:51:42
Reserved: 2020-06-24T00:00:00
Link: CVE-2020-15002
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-10-23T05:15:13.157
Modified: 2020-10-26T18:13:08.413
Link: CVE-2020-15002
JSON object: View
Redhat Information
No data.
CWE