OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
References
Link | Resource |
---|---|
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4789_7.6.3_2018-06-25.pdf | Patch Vendor Advisory |
https://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4790_7.8.3_2018-06-25.pdf | Patch Vendor Advisory |
http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_4791_7.8.4_2018-06-25.pdf | Patch Vendor Advisory |
http://seclists.org/fulldisclosure/2019/Jan/10 | Exploit Mailing List Third Party Advisory |
Configurations
Information
Published : 2019-01-30 07:29
Updated : 2019-01-31 15:49
NVD link : CVE-2018-12609
Mitre link : CVE-2018-12609
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
open-xchange
- open-xchange_appsuite