CVE-2019-18846
MEDIUMOpen-Xchange App Suite < 7.10.2 - Server-Side Request Forgery
Title source: manualDescription
OX App Suite through 7.10.2 allows SSRF.
References (2)
Core 2
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html
Scores
CVSS v3
5.0
EPSS
0.0021
EPSS Percentile
43.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Details
CWE
CWE-918
Status
published
Products (1)
open-xchange/open-xchange_appsuite
< 7.10.2
Published
Feb 21, 2020
Tracked Since
Feb 18, 2026