Open Xchange · Ox App Suite · CVE-2020-24700
Name of the Vulnerable Software and Affected Versions:
OX App Suite versions 7.10.3 and earlier
Description:
The issue allows for Server-Side Request Forgery (SSRF) because GET requests are sent to arbitrary domain names with an initial autoconfig substring.
Recommendations:
For OX App Suite versions 7.10.3 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.