Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/03/06 9:13 p.m.24 views

CVE-2026-30237 Group-Office: Self XSS in GroupOffice Installer License Page (install/license.php)

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in the GroupOffice installer, endpoint install/license.php. The POST field license is rendered without escaping inside a ,...

2.1CVSS0.00231EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/06 9:13 p.m.5 views

CVE-2026-30237 Group-Office: Self XSS in GroupOffice Installer License Page (install/license.php)

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in the GroupOffice installer, endpoint install/license.php. The POST field license is rendered without escaping inside a ,...

2.1CVSS5.8AI score0.00231EPSS
Exploits1References1
OSV
OSV
added 2026/03/06 9:13 p.m.7 views

CVE-2026-30237 Group-Office: Self XSS in GroupOffice Installer License Page (install/license.php)

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in the GroupOffice installer, endpoint install/license.php. The POST field license is rendered without escaping inside a ,...

2.1CVSS5.8AI score0.00231EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/29 10:51 a.m.7 views

CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...

6.9CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 3:42 p.m.5 views

CVE-2024-3788

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through License /admin/CDPUsers. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

6.6CVSS6AI score0.00611EPSS
Exploits0References1
Rows per page
Query Builder