CVE-2025-53504

Medium CVSS: 4.8

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.

Vendor

Group-office

Product

Group Office

CWE

CWE-79

Yayın Tarihi

2025-08-21 05:15:32

Güncelleme

2025-09-24 00:14:41

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-79 Group Office MEDIUM Group-office 2025

Referanslar

https://jvn.jp/en/jp/JVN72111431/ https://www.group-office.com/

Benzer Kayıtlar

High

CVE-2026-25511

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, a…

Critical

CVE-2026-25512

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, a…

Critical

CVE-2026-25134

Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5…

Medium

CVE-2026-23887

Group-Office is an enterprise customer relationship management and groupware tool. In versions 6.8.148 and below, and 25…

High

CVE-2025-63406

An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitra…

Medium

CVE-2025-53505

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerabil…