Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2021-26699

OX App Suite before 7.10.3-rev4 and 7.10.4 before 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used.

Published: Jul 22, 2021
Updated: Nov 16, 2025
CVE: CVE-2021-26699
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:N/A:P

CWEs:

CWE-918

Affected Software
References

Software	From	Fixed in
open-xchange / open-xchange_appsuite	7.10.3-rev1	7.10.3-rev1.x
open-xchange / open-xchange_appsuite	7.10.3-rev2	7.10.3-rev2.x
open-xchange / open-xchange_appsuite	7.10.3-rev3	7.10.3-rev3.x
open-xchange / open-xchange_appsuite	7.10.3-rev4	7.10.3-rev4.x
open-xchange / open-xchange_appsuite	7.10.3-rev5	7.10.3-rev5.x
open-xchange / open-xchange_appsuite	7.10.3-rev6	7.10.3-rev6.x
open-xchange / open-xchange_appsuite	7.10.3	7.10.3.x
open-xchange / open-xchange_appsuite	7.10.3-rev18	7.10.3-rev18.x
open-xchange / open-xchange_appsuite	7.10.3-rev19	7.10.3-rev19.x
open-xchange / open-xchange_appsuite	7.10.3-rev20	7.10.3-rev20.x
open-xchange / open-xchange_appsuite	7.10.3-rev21	7.10.3-rev21.x
open-xchange / open-xchange_appsuite	7.10.3-rev22	7.10.3-rev22.x
open-xchange / open-xchange_appsuite	7.10.3-rev23	7.10.3-rev23.x
open-xchange / open-xchange_appsuite	7.10.3-rev24	7.10.3-rev24.x
open-xchange / open-xchange_appsuite	7.10.3-rev25	7.10.3-rev25.x
open-xchange / open-xchange_appsuite	7.10.3-rev26	7.10.3-rev26.x
open-xchange / open-xchange_appsuite	7.10.3-rev27	7.10.3-rev27.x
open-xchange / open-xchange_appsuite	7.10.3-rev28	7.10.3-rev28.x
open-xchange / open-xchange_appsuite	7.10.3-rev29	7.10.3-rev29.x
open-xchange / open-xchange_appsuite	7.10.3-rev30	7.10.3-rev30.x
open-xchange / open-xchange_appsuite	7.10.3-rev31	7.10.3-rev31.x
open-xchange / open-xchange_appsuite	7.10.4	7.10.4.x
open-xchange / open-xchange_appsuite	7.10.4-rev1	7.10.4-rev1.x
open-xchange / open-xchange_appsuite	7.10.4-rev10	7.10.4-rev10.x
open-xchange / open-xchange_appsuite	7.10.4-rev11	7.10.4-rev11.x
open-xchange / open-xchange_appsuite	7.10.4-rev12	7.10.4-rev12.x
open-xchange / open-xchange_appsuite	7.10.4-rev13	7.10.4-rev13.x
open-xchange / open-xchange_appsuite	7.10.4-rev2	7.10.4-rev2.x
open-xchange / open-xchange_appsuite	7.10.4-rev3	7.10.4-rev3.x
open-xchange / open-xchange_appsuite	7.10.4-rev4	7.10.4-rev4.x
open-xchange / open-xchange_appsuite	7.10.4-rev5	7.10.4-rev5.x
open-xchange / open-xchange_appsuite	7.10.4-rev6	7.10.4-rev6.x
open-xchange / open-xchange_appsuite	7.10.4-rev7	7.10.4-rev7.x
open-xchange / open-xchange_appsuite	7.10.4-rev8	7.10.4-rev8.x
open-xchange / open-xchange_appsuite	7.10.4-rev9	7.10.4-rev9.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5547	7.10.3-patch_release5547.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5572	7.10.3-patch_release5572.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5623	7.10.3-patch_release5623.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5653	7.10.3-patch_release5653.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5677	7.10.3-patch_release5677.x
open-xchange / open-xchange_appsuite	7.10.3-patch_release5720	7.10.3-patch_release5720.x
open-xchange / open-xchange_appsuite	7.10.3-rev10	7.10.3-rev10.x
open-xchange / open-xchange_appsuite	7.10.3-rev11	7.10.3-rev11.x
open-xchange / open-xchange_appsuite	7.10.3-rev12	7.10.3-rev12.x
open-xchange / open-xchange_appsuite	7.10.3-rev13	7.10.3-rev13.x
open-xchange / open-xchange_appsuite	7.10.3-rev14	7.10.3-rev14.x
open-xchange / open-xchange_appsuite	7.10.3-rev15	7.10.3-rev15.x
open-xchange / open-xchange_appsuite	7.10.3-rev16	7.10.3-rev16.x
open-xchange / open-xchange_appsuite	7.10.3-rev17	7.10.3-rev17.x
open-xchange / open-xchange_appsuite	7.10.3-rev7	7.10.3-rev7.x
open-xchange / open-xchange_appsuite	7.10.3-rev8	7.10.3-rev8.x
open-xchange / open-xchange_appsuite	7.10.3-rev9	7.10.3-rev9.x
open-xchange / open-xchange_appsuite	7.10.4-rev14	7.10.4-rev14.x
open-xchange / open-xchange_appsuite	7.10.4-rev15	7.10.4-rev15.x
open-xchange / open-xchange_appsuite	7.10.4-rev16	7.10.4-rev16.x
open-xchange / open-xchange_appsuite	7.10.4-rev17	7.10.4-rev17.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo