CVE-2023-25292 Information

Description

Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145 allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie.

Reference

http://group-office.com https://github.com/brainkok/CVE-2023-25292 http://intermesh.com