Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in opportunistic circumstances via a manual-mode association of a personal e-mail address with the hostname of a crafted IMAP server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open-Xchange AppSuite Discovered Settings 信息泄露漏洞
Vulnerability Description
Open-Xchange AppSuite(OX AppSuite)是美国Open-Xchange公司的一套Web云桌面环境。该环境允许用户更直观的管理电子邮件、任务和文件等。 Open-Xchange AppSuite 7.2.2 rev9之前版本中存在漏洞。该漏洞源于程序依靠用户输入的数据预测IMAP服务器主机名。远程认证攻击者可伺机在特定情况下,在手动模式关联的向个人邮件地址中加入特制的IMAP服务器主机名,利用该漏洞发现其它用户的邮件凭证。
CVSS Information
N/A
Vulnerability Type
N/A