6 matches found
[SECURITY] [DLA 4386-1] sogo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4386-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini November 28, 2025 https://wiki.debian.org/LTS -...
CVE-2025-63498
creationtimestamp| type| source ---|---|--- 2025-11-25 01:18:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6g6az6ajn2s...
Linux Distros Unpatched Vulnerability : CVE-2025-63498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the userName parameter. CVE-2025-63498 Note that Nessus relies on the presence of the package a...
CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
CVE-2025-63498
Summary: CVE-2025-63498 affects alinto SOGo 5.12.3, where an XSS flaw is exposed via the userName parameter on the authentication page. The vulnerability allows arbitrary JavaScript execution in affected sessions. Debian’s LTS advisory (DLA-4386-1) indicates the fixed version for Debian 11 is 5.0...
CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...