Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text document, which is not properly handled by the image preview.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-12-01T15:00:00
Updated: 2024-08-06T11:41:47.695Z
Reserved: 2014-08-13T00:00:00
Link: CVE-2014-5237
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-12-01T15:59:04.297
Modified: 2018-12-18T14:42:36.063
Link: CVE-2014-5237
Redhat
No data.