Published: 27/04/2023 Updated: 05/05/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows malicious users to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie.

Vulnerable Product	Search on Vulmon	Subscribe to Product
group-office group office 6.6.145

Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie

CVE-2023-25292 Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 66145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie Vulnerability Details Product: Group Office Application Version: 66145 Vulnerability Type: Reflected XSS Severity: Medium CVSS v31 Score: 61 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L

CVE-2023-25292 Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 66145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie Vulnerability Details Product: Group Office Application Version: 66145 Vulnerability Type: Reflected XSS Severity: High CVSS v3 Score: 75 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 http://group-office.com https://github.com/brainkok/CVE-2023-25292 http://intermesh.com https://nvd.nist.gov https://github.com/brainkok/CVE-2023-25292

CVE-2023-25292

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect