PT-2020-12485 · Oasis · Oasis

Christian Bundy · Published 2020-04-14 · Updated 2020-04-16 · CVE-2020-11003

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Oasis versions prior to 2.15.0

Description

The issue concerns a potential DNS rebinding or CSRF vulnerability. If an attacker can trick a user into visiting a malicious website, they could use DNS rebinding and CSRF attacks to read or write to vulnerable applications. There is no evidence that suggests this has been used in the wild.

Recommendations

For Oasis versions prior to 2.15.0, update to version 2.15.0 to resolve the issue. As a temporary workaround, consider avoiding visits to potentially malicious websites to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2020-11003
GHSA-J438-45HC-VJHM

Affected Products

Oasis