CVE-2024-24510 Information

Description

Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component.

Reference

https://book.hacktricks.xyz/pentesting-web/xs-search/css-injection https://github.com/Alinto/sogo/commit/21468700718ed71774eaf2979ee59330fc569424