Vulnerabilities > Alinto > Sogo > 2.3.16

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-48104 Cross-site Scripting vulnerability in Alinto Sogo
Alinto SOGo before 5.9.1 is vulnerable to HTML Injection.
network
low complexity
alinto CWE-79
6.1
6.1
2022-12-16 CVE-2022-4556 Unspecified vulnerability in Alinto Sogo
A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic.
network
low complexity
alinto
6.1
6.1
2022-12-16 CVE-2022-4558 Unspecified vulnerability in Alinto Sogo
A vulnerability was found in Alinto SOGo up to 5.7.1.
network
low complexity
alinto
6.1
6.1
2017-09-20 CVE-2015-5395 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
network
low complexity
debian alinto CWE-352
8.8
8.8
2017-02-17 CVE-2016-6191 Cross-site Scripting vulnerability in Alinto Sogo
Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL, or (4) Title field.
network
low complexity
alinto CWE-79
6.1
6.1