← Back to CVE List
CVE-2021-28060
A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt