Group-office Security Vulnerabilities and Issues — Group-office CVE List

Lucene search

IntermeshGroup-office

3 matches found

CVE•added 2025/05/22 6:15 p.m.•49 views

CVE-2025-48366

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a stored and blind XSS vulnerability exists in the Phone Number field of the user profile within the GroupOffice application. This allows a malicious actor to inject persistent ...

7.9CVSS5.8AI score0.00046EPSS

CVE•added 2025/05/22 6:15 p.m.•46 views

CVE-2025-48368

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a DOM-based Cross-Site Scripting (XSS) vulnerability exists in the GroupOffice application, allowing attackers to execute arbitrary JavaScript code in the context of the victim'...

6.5CVSS5.7AI score0.00041EPSS

CVE•added 2025/05/22 6:15 p.m.•42 views

CVE-2025-48369

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a persistent Cross-Site Scripting (XSS) vulnerability exists in Groupoffice's tasks comment functionality, allowing attackers to execute arbitrary JavaScript by uploading an fil...

6.3CVSS5.2AI score0.00037EPSS