Vulnerabilities > Open Xchange > Open Xchange Appsuite > 7.10.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-12 | CVE-2021-23927 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request. | 5.5 |
2021-01-12 | CVE-2020-24701 | Cross-site Scripting vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI). | 4.3 |