Group Office Security Vulnerabilities and Issues — Group Office CVE List

Lucene search

Group-officeGroup Office

3 matches found

CVE•added 2024/01/18 9:15 p.m.•203 views

CVE-2024-22418

Group-Office is an enterprise CRM and groupware tool. Affected versions are subject to a vulnerability which is present in the file upload mechanism of Group Office. It allows an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For instance, using a filename such ...

6.5CVSS5.9AI score0.00236EPSS

CVE•added 2021/04/14 5:15 p.m.•36 views

CVE-2020-35419

Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.

6.1CVSS6AI score0.00201EPSS

CVE•added 2023/04/27 1:15 a.m.•34 views

CVE-2023-25292

Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie.

6.1CVSS6.1AI score0.00244EPSS