Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open-Xchange AppSuite 服务器端请求伪造漏洞
Vulnerability Description
Open-Xchange AppSuite(OX AppSuite)是美国Open-Xchange公司的一套Web云桌面环境,它允许用户更直观的管理电子邮件、任务和文件等。documentconverter是其中的一个文档转换组件。 OX AppSuite 7.4.2-rev10之前版本和7.6.0-rev10之前7.6.x版本的documentconverter组件中存在服务器端请求伪造漏洞,该漏洞源于图像预览没有正确处理Text文档中的内嵌图片。远程攻击者可借助内嵌图片中的URL利用该漏洞向任意服务器
CVSS Information
N/A
Vulnerability Type
N/A