Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Open-Xchange OX App Suite 代码问题漏洞
Vulnerability Description
Open-Xchange OX App Suite是德国Open-Xchange公司的一个电子邮件及生产力套件客户端软件。 Open-Xchange OX App Suite 7.10.6及之前版本存在安全漏洞,该漏洞源于使用具有多个A或AAAA响应的恶意DNS记录可以绕过有关外部连接的拒绝列表,服务器发起的对外部资源的请求可以定向到基于拒绝列表设置限制的内部资源,这可用于确定内部地址和服务,存在违反基于边界的安全策略的风险。
CVSS Information
N/A
Vulnerability Type
N/A