CNNVD-202511-1560 Information
Nov 13, 2025
cve
CNNVD ID
CNNVD-202511-1560
Related CVE
- CNNVD Published: 2025-11-13
Description (Chinese)
groupoffice是Intermesh开源的一个集团办公室群件和CRM。 groupoffice 25.0.47之前版本和6.8.136之前版本存在安全漏洞,该漏洞源于FunctionField.php中的dbToApi和eval函数存在缺陷,可能导致执行任意代码。
Description (English)
Groupoffice is a group office of the Intermesh Open Source and CRM. There is a security loophole in the previous version of Groupoffice 25.0.47 and the previous version of 6.8.136, which stems from deficiencies in the dbToApi and eval functions in Functionfield.php, which may lead to the execution of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Intermesh
Published
2025-11-13
Last Modified
2026-02-24
References
https://noahheraud.com/posts/CVE-2025-63406/ https://access.redhat.com/security/cve/cve-2025-63406
Patch
https://github.com/Intermesh/groupoffice/releases
Share on: