Known Vulnerabilities for Group Office by Group-office
Listed below are 6 of the newest known vulnerabilities associated with "Group Office" by "Group-office".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34838 json | Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.156, 25.0.90, and 26... | Not Provided | 2026-04-02 | 2026-04-03 |
| CVE-2026-33755 json | Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.158, 25.0.92, and 26... | Not Provided | 2026-03-27 | 2026-03-27 |
| CVE-2024-22418 json | 5.4 - MEDIUM | 2024-01-18 | 2024-01-25 | |
| CVE-2023-46730 json | Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery (SSRF) v... | 8.8 - HIGH | 2023-11-07 | 2023-11-14 |
| CVE-2023-25292 json | Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privile... | 6.1 - MEDIUM | 2023-04-27 | 2023-05-05 |
| CVE-2021-28060 json | A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to ... | 5.3 - MEDIUM | 2021-04-14 | 2021-04-19 |
| CVE-2020-35419 json | Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter. | 6.1 - MEDIUM | 2021-04-14 | 2021-04-19 |
| CVE-2020-35418 json | Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file. | 5.4 - MEDIUM | 2021-04-14 | 2021-04-19 |