CVE-2020-12644

Name of the Vulnerable Software and Affected Versions OX App Suite versions 7.10.3 and earlier

Description The issue allows Server-Side Request Forgery (SSRF) and is related to the mail account API and the "/folder/list" API endpoint. This means an attacker could potentially forge requests that the server would execute, potentially leading to unauthorized access or actions.

Recommendations For OX App Suite versions 7.10.3 and earlier, consider restricting access to the mail account API and the "/folder/list" API endpoint until a patch is available. As a temporary workaround, disabling the functionality related to these APIs could help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.