First published: Mon Dec 01 2014(Updated: )
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Open-xchange App Suite | =7.4.2-rev6 | |
Open-xchange App Suite | =7.4.2-rev7 | |
Open-xchange App Suite | =7.4.2-rev8 | |
Open-xchange App Suite | =7.4.2-rev9 | |
Open-xchange App Suite | =7.6.0-rev6 | |
Open-xchange App Suite | =7.6.0-rev7 | |
Open-xchange App Suite | =7.6.0-rev8 | |
Open-xchange App Suite | =7.6.0-rev9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.