Vulnerability Details CVE-2020-15003
OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2020-15003
-
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2
-
cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3