PT-2020-13183 · Open Xchange · Ox App Suite

Kattsson · Published 2020-08-31 · Updated 2021-07-21 · CVE-2020-12645

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OX App Suite versions 7.10.1 through 7.10.3

Description

The issue is related to improper input validation for rate limits, which can be exploited with a crafted User-Agent header. Additionally, it involves spoofed vacation notices and excessive memory consumption through the /apps/load endpoint.

Recommendations

For OX App Suite versions 7.10.1 through 7.10.3, consider updating to a version that addresses the improper input validation issue. As a temporary workaround, restrict access to the /apps/load endpoint to minimize the risk of excessive memory consumption. Avoid using spoofed vacation notices until the issue is resolved.

Fix

Weakness Enumeration

Improper Restriction of Excessive Authentication Attempts

Related Identifiers

CVE-2020-12645

Affected Products

Ox App Suite