CVE-2025-25191

Medium CVSS: 6.9

Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100.

Vendor

Group-office

Product

Group Office

CWE

CWE-79

Yayın Tarihi

2025-03-06 19:15:27

Güncelleme

2025-10-10 20:11:15

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-79 Group Office MEDIUM Group-office 2025

Referanslar

https://github.com/Intermesh/groupoffice/commit/c5c83e19a5cdf93b0e758726c97597861f1d6eda https://github.com/Intermesh/groupoffice/security/advisories/GHSA-j7p3-v652-p3gf

Benzer Kayıtlar

High

CVE-2026-25511

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, a…

Critical

CVE-2026-25512

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, a…

Critical

CVE-2026-25134

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…

Medium

CVE-2026-23887

Group-Office is an enterprise customer relationship management and groupware tool. In versions 6.8.148 and below, and 25…

High

CVE-2025-63406

An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitra…

Medium

CVE-2025-53505

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerabil…