CNNVD-202507-1647 Information

CNNVD ID

CNNVD-202507-1647

Related CVE

CVE-2023-38327

• CNNVD Published: 2025-07-11

Description (Chinese)

EGroupware是EGroupware公司的一个在线办公平台。 EGroupware 17.1.20190111版本存在安全漏洞，该漏洞源于calendar/freebusy.php存在用户枚举，可能导致未经验证的远程攻击者枚举Web应用用户。

Description (English)

EGroupware is an online office platform for EGroupware. There is a security loophole in the EGroupware 17.1.2019111 version, which originates from the calendar/freebusy.php ’ s user count, which may lead to uncertified long-range assailants placing the number of Web application users.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

EGroupware

Published

2025-07-11

Last Modified

2026-02-24

References

https://www.gruppotim.it/it/footer/red-team.html https://access.redhat.com/security/cve/cve-2023-38327

Patch

https://www.egroupware.org/en/download