CNNVD-202507-1646 Information
Jul 11, 2025
cve
CNNVD ID
CNNVD-202507-1646
Related CVE
- CNNVD Published: 2025-07-11
Description (Chinese)
EGroupware是EGroupware公司的一个在线办公平台。 EGroupware 17.1.20190111版本存在安全漏洞,该漏洞源于calendar/freebusy.php存在反射型跨站脚本,可能导致未经验证的远程攻击者注入任意Web脚本或HTML。
Description (English)
EGroupware is an online office platform for EGroupware. There is a security loophole in the EGroupware 17.1.2019111 version, which originates in the calendar/freebusy.php cross-site script, which could result in unverified long-range assailants injecting a random Web script or HTML.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
EGroupware
Published
2025-07-11
Last Modified
2026-02-24
References
https://www.gruppotim.it/it/footer/red-team.html https://access.redhat.com/security/cve/cve-2023-38329
Patch
https://www.egroupware.org/en/download
Share on: