Vulnerabilities > Group Office > Group Office > 6.6.145

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2024-23941 Cross-site Scripting vulnerability in Group-Office Group Office
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
network
low complexity
group-office CWE-79
5.4
5.4
2024-01-18 CVE-2024-22418 Cross-site Scripting vulnerability in Group-Office Group Office
Group-Office is an enterprise CRM and groupware tool.
network
low complexity
group-office CWE-79
5.4
5.4
2023-11-07 CVE-2023-46730 Server-Side Request Forgery (SSRF) vulnerability in Group-Office Group Office
Group-Office is an enterprise CRM and groupware tool.
network
low complexity
group-office CWE-918
8.8
8.8
2023-04-27 CVE-2023-25292 Cross-site Scripting vulnerability in Group-Office Group Office 6.6.145
Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie.
network
low complexity
group-office CWE-79
6.1
6.1