Vulnerabilities > Kopano

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-01	CVE-2022-26562	Improper Authentication vulnerability in Kopano Groupware Core 11.0.2.51 An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. network low complexity kopano CWE-287 critical	9.8
2021-03-31	CVE-2021-28994	Allocation of Resources Without Limits or Throttling vulnerability in multiple products kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers. network low complexity kopano zarafa CWE-770	7.5
2019-12-19	CVE-2019-19907	Classic Buffer Overflow vulnerability in Kopano Groupware Core HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data. network low complexity kopano CWE-120 critical	9.8
2017-07-26	CVE-2017-11666	Cross-site Scripting vulnerability in Kopano Webapp 3.3.0 Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file. network low complexity kopano CWE-79	6.1

Vulnerabilities > Kopano {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Kopano"}]}