CVE-2021-27770

The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt