Lucene search
+L
IntermeshGroup-office

12 matches found

cve
cve
added 2025/05/22 5:28 p.m.70 views

CVE-2025-48366

GroupOffice (Intermesh BV) contains a stored blind XSS in the user profile Phone Number field, exploitable prior to versions 6.8.119 and 25.0.20. The payload can persist and execute when other users view the Address Book, enabling actions like forced redirects and unauthorized fetches. Versions 6...

7.9CVSS5.8AI score0.0022EPSS
cve
cve
added 2010/09/16 9:0 p.m.62 views

CVE-2010-3428

CVE-2010-3428 affects Intermesh Group-Office 3.5.9. The vulnerability is an SQL injection in the file modules/notes/json.php, exploitable via the category_id parameter in a category action. This allows remote attackers to manipulate the database (arbitrary SQL commands) without authentication, as...

7.5CVSS8.6AI score0.00961EPSS
Web
cve
cve
added 2025/05/22 5:33 p.m.59 views

CVE-2025-48369

CVE-2025-48369 affects Group-Office (enterprise CRM/groupware). A persistent XSS flaw exists in the tasks comment feature where uploading a file with a crafted filename allows arbitrary JavaScript to run when users view the task comment. The issue stems from failing to sanitize image filenames be...

6.3CVSS5.2AI score0.00214EPSS
cve
cve
added 2025/05/22 5:29 p.m.57 views

CVE-2025-48368

The CVE-2025-48368 entry concerns GroupOffice, an enterprise groupware/CRM product. A DOM-based Cross-Site Scripting (XSS) vulnerability exists in all date-input related processing, allowing an attacker to execute arbitrary JavaScript in the victim’s browser. Affected versions are prior to 6.8.11...

6.5CVSS5.7AI score0.00218EPSS
cve
cve
added 2025/06/17 12:43 a.m.37 views

CVE-2025-48993

Group-Office (enterprise CRM/groupware) is affected by a reflected XSS via the Look and Feel Formatting fields. The issue arises because input in these fields is not properly sanitized. Affected versions: before 6.8.123 and before 25.0.27. Patches exist: 6.8.123 and 25.0.27. Remediation: upgrade ...

6.1CVSS5.6AI score0.00211EPSS
cve
cve
added 2026/04/02 7:15 p.m.29 views

CVE-2026-34838

Group-Office contains an authenticated RCE in the AbstractSettingsCollection deserialization path. Before versions 6.8.156, 25.0.90, and 26.0.12, an attacker can inject a serialized FileCookieJar into a settings string, causing Arbitrary File Write and server RCE. This is fixed in 6.8.156, 25.0.9...

9.9CVSS5.9AI score0.01026EPSS
cve
cve
added 2025/06/16 10:17 p.m.28 views

CVE-2025-48992

Group-Office is affected by a stored and blind XSS in the Name field of user profiles for versions prior to 6.8.123 and prior to 25.0.27. The vulnerability allows an attacker to set their name to a JavaScript payload, which executes when the compromised user adds that attacker to Synchronization ...

6.3CVSS5.2AI score0.00224EPSS
cve
cve
added 2026/02/27 7:52 p.m.24 views

CVE-2026-27947

CVE-2026-27947 affects Group-Office and enables authenticated Remote Code Execution through the TNEF attachment processing flow. In affected versions (prior to 26.0.9, 25.0.87, and 6.8.154), processing winmail.dat extracts attacker-controlled files and then calls zip with a shell wildcard. Due to...

9.4CVSS6.2AI score0.00725EPSS
cve
cve
added 2026/03/06 9:13 p.m.21 views

CVE-2026-30237

Group-Office (enterprise CRM/groupware) is affected by a reflected XSS in the installer at install/license.php. Versions prior to 6.8.155, 25.0.88, and 26.0.10 render the POST parameter license inside a textarea without escaping, enabling a breakout sequence such as . This could allow arbitrary s...

6.1CVSS5.8AI score0.00231EPSS
Web
cve
cve
added 2026/03/06 9:14 p.m.18 views

CVE-2026-30238

CVE-2026-30238 affects Group-Office. A reflected XSS in the external/index flow arises from the f parameter (Base64 JSON) being decoded and injected into an inline JavaScript block without strict escaping, enabling arbitrary JavaScript execution in the victim’s browser. Affected versions are prio...

6.1CVSS5.9AI score0.00278EPSS
Web
cve
cve
added 2026/02/27 7:49 p.m.17 views

CVE-2026-27832

Group-Office (enterprise CRM/groupware) is affected by an authenticated SQL Injection in the advancedQueryData parameter (comparator) on index.php?r=email/template/emailSelection. Pre-fix versions 26.0.8, 25.0.87, and 6.8.153 process advancedQueryData with a weak allowlist, enabling blind boolean...

8.8CVSS6AI score0.00244EPSS
Web
cve
cve
added 2026/03/27 2:8 p.m.14 views

CVE-2026-33755

Group-Office (enterprise CRM/groupware) has an authenticated SQL Injection in the JMAP Contact/query endpoint affecting versions before 6.8.158, 25.0.92, and 26.0.17. An authenticated user with basic addressbook access can extract arbitrary data from the database, including active session tokens ...

8.8CVSS6.1AI score0.00387EPSS
Web