CVE-2022-24406

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-24406
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24406.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-24406
Published
2022-07-27T14:15:08Z
Modified
2024-09-03T04:13:02.275545Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls.

References

Affected packages

Git / github.com/open-xchange/appsuite-frontend

Affected ranges

Type
GIT
Repo
https://github.com/open-xchange/appsuite-frontend
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

7.*

7.0.0-10
7.0.0-11
7.0.0-12
7.0.0-8
7.0.0-9
7.0.1-1
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.10.0-0
7.10.0-10
7.10.0-2
7.10.0-3
7.10.0-4
7.10.0-5
7.10.0-6
7.10.0-7
7.10.0-8
7.10.0-9
7.10.1-1
7.10.1-2
7.10.1-3
7.10.1-4
7.10.2-1
7.10.2-2
7.10.2-3
7.10.3-0
7.10.3-1
7.10.3-2
7.10.3-3
7.10.4-0
7.10.4-1
7.10.4-2
7.10.4-3
7.10.4-4
7.10.4-5
7.10.4-6
7.10.5-0
7.10.5-1
7.10.5-2
7.10.5-3
7.10.5-4
7.10.5-5
7.10.6-0
7.2.0-1
7.2.0-2
7.2.0-3
7.2.0-4
7.2.0-5
7.2.0-6
7.2.1-1
7.2.1-2
7.2.1-3
7.2.1-4
7.2.1-5
7.2.1-6
7.2.2-1
7.2.2-11
7.2.2-12
7.2.2-13
7.2.2-14
7.2.2-15
7.2.2-16
7.2.2-17
7.2.2-18
7.2.2-19
7.2.2-2
7.2.2-20
7.2.2-3
7.2.2-4
7.2.2-5
7.2.2-6
7.2.2-7
7.2.2-8
7.2.2-9
7.4.0-1
7.4.0-10
7.4.0-11
7.4.0-12
7.4.0-13
7.4.0-14
7.4.0-15
7.4.0-16
7.4.0-17
7.4.0-18
7.4.0-19
7.4.0-2
7.4.0-3
7.4.0-4
7.4.0-5
7.4.0-6
7.4.0-7
7.4.0-8
7.4.0-9
7.4.1-1
7.4.1-10
7.4.1-11
7.4.1-2
7.4.1-3
7.4.1-4
7.4.1-5
7.4.1-6
7.4.1-7
7.4.1-8
7.4.1-9
7.4.2-1
7.4.2-10
7.4.2-11
7.4.2-12
7.4.2-13
7.4.2-14
7.4.2-15
7.4.2-16
7.4.2-17
7.4.2-18
7.4.2-19
7.4.2-2
7.4.2-20
7.4.2-21
7.4.2-22
7.4.2-23
7.4.2-24
7.4.2-25
7.4.2-26
7.4.2-27
7.4.2-28
7.4.2-29
7.4.2-3
7.4.2-4
7.4.2-5
7.4.2-6
7.4.2-7
7.4.2-8
7.4.2-9
7.6.0-1
7.6.0-10
7.6.0-11
7.6.0-12
7.6.0-13
7.6.0-14
7.6.0-15
7.6.0-16
7.6.0-17
7.6.0-2
7.6.0-3
7.6.0-4
7.6.0-5
7.6.0-6
7.6.0-7
7.6.0-8
7.6.0-9
7.6.1-1
7.6.1-10
7.6.1-11
7.6.1-12
7.6.1-13
7.6.1-14
7.6.1-15
7.6.1-16
7.6.1-17
7.6.1-18
7.6.1-19
7.6.1-2
7.6.1-20
7.6.1-21
7.6.1-22
7.6.1-23
7.6.1-24
7.6.1-25
7.6.1-26
7.6.1-3
7.6.1-4
7.6.1-5
7.6.1-6
7.6.1-7
7.6.1-8
7.6.1-9
7.6.2-1
7.6.2-10
7.6.2-11
7.6.2-12
7.6.2-13
7.6.2-14
7.6.2-15
7.6.2-16
7.6.2-17
7.6.2-18
7.6.2-19
7.6.2-2
7.6.2-20
7.6.2-21
7.6.2-22
7.6.2-23
7.6.2-24
7.6.2-25
7.6.2-26
7.6.2-27
7.6.2-28
7.6.2-29
7.6.2-3
7.6.2-4
7.6.2-5
7.6.2-6
7.6.2-7
7.6.2-8
7.6.2-9
7.8.0-1
7.8.0-2
7.8.0-3
7.8.0-4
7.8.0-5
7.8.0-6
7.8.0-7
7.8.0-8
7.8.0-9
7.8.1-1
7.8.1-2
7.8.1-3
7.8.1-4
7.8.1-5
7.8.1-6
7.8.1-7
7.8.2-1
7.8.2-2
7.8.2-3
7.8.2-4
7.8.3-1
7.8.3-2
7.8.3-3
7.8.3-4
7.8.3-5
7.8.4-1
7.8.4-2
7.8.4-3

Other

Test
as-next
sprint_20
sprintreview_2013_07_12