Group-office Groupware Security Vulnerabilities and Issues — Group-office Groupware CVE List

Lucene search

Group-officeGroup-office Groupware

3 matches found

CVE•added 2007/05/16 7:28 p.m.•30 views

CVE-2007-2720

Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information.

4.3CVSS6.3AI score0.00381EPSS

Web

CVE•added 2025/08/21 5:15 a.m.•8 views

CVE-2025-53505

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed.

5.3CVSS6.8AI score0.00046EPSS

CVE•added 2025/08/21 5:15 a.m.•6 views

CVE-2025-53504

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.

5.4CVSS6.5AI score0.00032EPSS