CNNVD-202506-1934 Information

CNNVD ID

CNNVD-202506-1934

Related CVE

CVE-2025-48992

• CNNVD Published: 2025-06-16

Description (Chinese)

groupoffice是Intermesh开源的一个集团办公室群件和CRM。 groupoffice 6.8.123和25.0.27之前版本存在安全漏洞，该漏洞源于存储型和盲型跨站脚本，可能导致执行任意代码。

Description (English)

Groupoffice is a group office of the Intermesh Open Source and CRM. There was a security loophole in the pre-group office 6.8.123 and 25.0.27 versions, which originated in storage and blind cross-site scripts and could lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Intermesh

Published

2025-06-16

Last Modified

2026-02-24

References

https://github.com/Intermesh/groupoffice/security/advisories/GHSA-j35g-q5mc-jwgp https://github.com/Intermesh/groupoffice/commit/2e3695db9cdef1da7a9d754ff4d98f49f6924e2d https://access.redhat.com/security/cve/cve-2025-48992

Patch

https://github.com/Intermesh/groupoffice/releases