Vulnerabilities > Alinto

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-48104 Cross-site Scripting vulnerability in Alinto Sogo
Alinto SOGo before 5.9.1 is vulnerable to HTML Injection.
network
low complexity
alinto CWE-79
6.1
2023-06-14 CVE-2020-22402 Cross-site Scripting vulnerability in Alinto Sogo web Mail
Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code.
network
low complexity
alinto CWE-79
6.1
2022-12-16 CVE-2022-4556 Improper Enforcement of Message or Data Structure vulnerability in Alinto Sogo
A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic.
network
low complexity
alinto CWE-707
6.1
2022-12-16 CVE-2022-4558 Improper Enforcement of Message or Data Structure vulnerability in Alinto Sogo
A vulnerability was found in Alinto SOGo up to 5.7.1.
network
low complexity
alinto CWE-707
6.1
2017-02-03 CVE-2016-6188 Resource Management Errors vulnerability in Alinto Sogo 2.3.7
Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of service (memory consumption) via a large number of attempts to upload a large attachment, related to temporary files.
network
low complexity
alinto CWE-399
6.5