Group Office@6.4.196 Security Vulnerabilities and Issues — Group Office@6.4.196 CVE List

Lucene search

Group-officeGroup Office6.4.196

3 matches found

CVE•added 2021/04/14 5:15 p.m.•36 views

CVE-2020-35419

Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.

6.1CVSS6AI score0.00201EPSS

CVE•added 2021/04/14 5:15 p.m.•32 views

CVE-2020-35418

Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.

5.4CVSS5.2AI score0.00172EPSS

CVE•added 2021/04/14 5:15 p.m.•30 views

CVE-2021-28060

A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.

5.3CVSS5.3AI score0.00276EPSS