CVE-2021-38376

CVE-2021-38376

EPSS 1.4%

OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/165038/OX-App-Suite-7.10.5-Cross-Site-Scripting-Information-Disclosure.html https://seclists.org/fulldisclosure/2021/Nov/43 https://www.open-xchange.com