Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:33 p.m.4 views

CVE-2026-45551

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any userid via index.php?r=core/saveSetting. A separate client-side sink in the email module...

5.1CVSS5.6AI score0.0023EPSS
Exploits0References1
NVD
NVDadded 2026/05/29 1:16 p.m.15 views

CVE-2026-45551

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any userid via index.php?r=core/saveSetting. A separate client-side sink in the email module...

5.1CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/29 12:34 p.m.8 views

CVE-2026-45551 Group-Office: Authenticated Stored XSS in Administrator Context via Arbitrary Cross-User Setting Write

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any userid via index.php?r=core/saveSetting. A separate client-side sink in the email module...

5.1CVSS5.9AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/29 12:34 p.m.33 views

CVE-2026-45551 Group-Office: Authenticated Stored XSS in Administrator Context via Arbitrary Cross-User Setting Write

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 26.0.25, 25.0.100, and 6.8.165, GroupOffice allows authenticated users to persist arbitrary legacy settings for any userid via index.php?r=core/saveSetting. A separate client-side sink in the email module...

5.1CVSS0.0023EPSS
Exploits0References1
CVE
CVEadded 2026/05/29 12:34 p.m.16 views

CVE-2026-45551

Affected product: Group-Office (enterprise CRM/groupware). Vulnerability details: Before versions 26.0.25, 25.0.100, and 6.8.165, an authenticated user can persist arbitrary legacy settings for any user_id via index.php?r=core/saveSetting, and a client-side sink in the email module injects email_...

5.1CVSS5.9AI score0.0023EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/29 12:0 a.m.8 views

Group Office 安全漏洞

Group Office is a modular office suite developed by the Dutch company Group Office. Versions of Group Office prior to 26.0.25, 25.0.100, and 6.8.165 contained security vulnerabilities. These vulnerabilities stemmed from allowing authenticated users to persist legacy settings for arbitrary user ID...

5.1CVSS5.8AI score0.0023EPSS
Exploits0References1
Rows per page
Query Builder