CVE-2015-5703

Name of the Vulnerable Software and Affected Versions Open-Xchange OX Guard versions prior to 2.0.0-rev8

Description The issue concerns a SQL injection vulnerability in the public key discovery API call. This allows remote authenticated users to execute arbitrary SQL commands.

Recommendations For versions prior to 2.0.0-rev8, update to version 2.0.0-rev8 or later to resolve the issue. As a temporary workaround, consider restricting access to the public key discovery API call until a patch is applied.