CVE-2025-25191 Information

Description

Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100.

Reference

https://github.com/Intermesh/groupoffice/commit/c5c83e19a5cdf93b0e758726c97597861f1d6eda https://github.com/Intermesh/groupoffice/security/advisories/GHSA-j7p3-v652-p3gf