378 matches found
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
SOGo <= 5.12.4 XSS Vulnerability
SOGo is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:alinto:sogo"; if...
EUVD-2025-201283
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
DEBIAN-CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
UBUNTU-CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
SOGo 安全漏洞
SOGo is a very fast and extensible modern collaboration suite from Alinto Open Source. It provides calendaring, address book management and a full-featured webmail client as well as resource sharing and permission handling. A security vulnerability exists in SOGo version 5.12.3, which stems from...
CVE-2025-63499
SOGo 5.12.3 is affected by a Cross Site Scripting (XSS) vulnerability triggered via the theme parameter. The issue is confirmed in multiple sources (e.g., Debian LTS DLA-4434-1) with remediation by upgrading to 5.0.1-4+deb11u3 on Debian 11 (Bullseye). Public CVE is CVE-2025-63499; CVSSv3 base sco...
Linux Distros Unpatched Vulnerability : CVE-2025-63499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter. CVE-2025-63499 Note that Nessus relies on the presence of the package as...
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
CVE-2025-63499
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...
Debian dla-4386 : sogo - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4386 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4386-1 [email protected] https://www.debian.org/lts/security/...
CVE-2025-63498
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...
Debian: Security Advisory (DLA-4386-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4386-1] sogo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4386-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini November 28, 2025 https://wiki.debian.org/LTS -...
DLA-4386-1 sogo - security update
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2025-63498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the userName parameter. CVE-2025-63498 Note that Nessus relies on the presence of the package a...
EUVD-2025-198998
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...