Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
NA
CVE-2024-34462
Published: 04/05/2024 Updated: 06/05/2024
Vulnerability Summary
Alinto SOGo up to and including 5.10.0 allows XSS during attachment preview.
Vendor Advisories
Debian CVElist Bug Report Logs: sogo: CVE-2024-34462
Debian Bug report logs - #1071163 sogo: CVE-2024-34462 Package: src:sogo; Maintainer for src:sogo is Debian SOGo Maintainers <pkg-sogo-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 15 May 2024 10:15:02 UTC Severity: important Tags: security, upstream Found in ...
References
https://github.com/Alinto/sogo/commit/2e37e59ed140d4aee0ff2fba579ca5f83f2c5920
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071163
https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started