0.001 Low
EPSS
Percentile
30.6%
sogo is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in the _migrateMailIdentities function in SOGoUserDefaults.m of Identity Handler component, allowing an attacker to inject and execute malicious javascript
_migrateMailIdentities
SOGoUserDefaults.m
Identity Handler
github.com/Alinto/sogo/commit/efac49ae91a4a325df9931e78e543f707a0f8e5e
github.com/Alinto/sogo/releases/tag/SOGo-5.8.0
security-tracker.debian.org/tracker/CVE-2022-4556
vuldb.com/?id.215960