In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade egroupware/egroupware to version 23.1.20260601, 26.5.20260507 or higher.
egroupware/egroupware is a library that extends a classic groupware with an integrated CRM-system, a secure file-server and Collabora Online Office.
Affected versions of this package are vulnerable to External Control of File Name or Path via the processURL2InlineImages process. An attacker can access arbitrary files on the server by embedding a specially crafted image URL (such as file://) in the HTML body of an email, which is then processed and attached as an inline MIME part in outgoing mail. This allows exposure of sensitive files readable by the web server process, such as configuration files, credentials, or private keys.