Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:46796
HistoryMay 08, 2024 - 6:00 a.m.

Cross-Site Scripting

2024-05-0806:00:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
libsogo
cross-site scripting
vulnerability
attachment preview
javascript code
browser session
software

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

libSOGo.so is vulnerable to Cross-Site Scripting. The vulnerability is due to inadequate sanitization during attachment preview. This allows an attacker to execute arbitrary JavaScript code within the context of the user’s browser session.

CPENameOperatorVersion
libsogo.sole5.2.0
libsogo.sole5.2.0

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%