CNNVD-202506-1941 Information
CNNVD ID
CNNVD-202506-1941
Related CVE
- CNNVD Published: 2025-06-17
Description (Chinese)
Intermesh BV Group Office是Intermesh BV开源的一个企业 CRM 和群件工具。 Intermesh BV Group Office 6.8.123之前版本和25.0.27之前版本存在跨站脚本漏洞,该漏洞源于输入清理不足,可能导致反射型跨站脚本攻击。
Description (English)
Intermesh BV Group Office is a CRM and groupware tool for an Intermesh BV open source enterprise. The previous versions of Intermesh BV Group Office 6.8.123 and that of 25.0.27 had a cross-site script loophole, which stemmed from inadequate input clean-up and could lead to a reflex-type cross-site script attack.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Intermesh BV
Published
2025-06-17
Last Modified
2026-02-24
References
https://github.com/Intermesh/groupoffice/commit/1e2a2450f204174f87a93217838d74718996dcdd https://github.com/Intermesh/groupoffice/commit/a9031884f6a6fbd0f08a8b7790514b5bc0937c11 https://github.com/Intermesh/groupoffice/security/advisories/GHSA-xv2x-v374-92gv
Patch
https://github.com/Intermesh/groupoffice/releases
Share on: