Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open-Xchange AppSuite 信息泄露漏洞
Vulnerability Description
Open-Xchange AppSuite(OX AppSuite)是美国Open-Xchange公司的一套Web云桌面环境。该环境允许用户更直观的管理电子邮件、任务和文件等。 Open-Xchange AppSuite 7.2.2及之前版本,7.4.1和7.4.2版本的E-Mail自动配置功能存在信息泄露漏洞,该漏洞源于GET请求中包含密码。远程攻击者可通过读取Web服务器访问日志,Web服务器Referer日志或浏览历史利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A