Lucene search
K

378 matches found

RedhatCVE
RedhatCVE
added 2025/12/11 5:3 a.m.9 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS6AI score0.00269EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2025/12/05 12:0 a.m.12 views

SOGo <= 5.12.4 XSS Vulnerability

SOGo is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:alinto:sogo"; if...

6.1CVSS6AI score0.00269EPSS
Exploits2References1
EUVD
EUVD
added 2025/12/04 9:31 p.m.4 views

EUVD-2025-201283

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

5.7AI score0.00269EPSS
Exploits2References3
NVD
NVD
added 2025/12/04 8:16 p.m.5 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS0.00269EPSS
Exploits2References2
OSV
OSV
added 2025/12/04 8:16 p.m.1 views

DEBIAN-CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS5.1AI score0.00269EPSS
Exploits2References1
OSV
OSV
added 2025/12/04 8:16 p.m.3 views

UBUNTU-CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS5.8AI score0.00269EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/12/04 12:0 a.m.23 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

0.00269EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/12/04 12:0 a.m.1 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

5.8AI score0.00269EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.5 views

SOGo 安全漏洞

SOGo is a very fast and extensible modern collaboration suite from Alinto Open Source. It provides calendaring, address book management and a full-featured webmail client as well as resource sharing and permission handling. A security vulnerability exists in SOGo version 5.12.3, which stems from...

6.1CVSS5.8AI score0.00269EPSS
Exploits2References4
CVE
CVE
added 2025/12/04 12:0 a.m.26 views

CVE-2025-63499

SOGo 5.12.3 is affected by a Cross Site Scripting (XSS) vulnerability triggered via the theme parameter. The issue is confirmed in multiple sources (e.g., Debian LTS DLA-4434-1) with remediation by upgrading to 5.0.1-4+deb11u3 on Debian 11 (Bullseye). Public CVE is CVE-2025-63499; CVSSv3 base sco...

6.1CVSS5.8AI score0.00269EPSS
Exploits2References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-63499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter. CVE-2025-63499 Note that Nessus relies on the presence of the package as...

6.1CVSS6AI score0.00269EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2025/12/04 12:0 a.m.5 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS5AI score0.00269EPSS
Exploits2
OSV
OSV
added 2025/12/04 12:0 a.m.5 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS6.2AI score0.00269EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.3 views

Debian dla-4386 : sogo - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4386 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4386-1 [email protected] https://www.debian.org/lts/security/...

6.1CVSS6AI score0.00241EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/12/02 6:3 a.m.8 views

CVE-2025-63498

alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...

6.1CVSS6.3AI score0.00241EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/12/01 12:0 a.m.3 views

Debian: Security Advisory (DLA-4386-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.00241EPSS
Exploits1References2
Debian
Debian
added 2025/11/28 3:35 p.m.14 views

[SECURITY] [DLA 4386-1] sogo security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4386-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini November 28, 2025 https://wiki.debian.org/LTS -...

6.1CVSS6.4AI score0.00241EPSS
Exploits1
OSV
OSV
added 2025/11/28 12:0 a.m.3 views

DLA-4386-1 sogo - security update

Bulletin has no description...

6.1CVSS6.9AI score0.00241EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-63498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the userName parameter. CVE-2025-63498 Note that Nessus relies on the presence of the package a...

6.1CVSS6AI score0.00241EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/24 9:31 p.m.3 views

EUVD-2025-198998

alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting XSS via the "userName" parameter...

6.1CVSS5.7AI score0.00241EPSS
Exploits1References3
Rows per page
Query Builder