Known Vulnerabilities for Groupware by Horde
Listed below are 10 of the newest known vulnerabilities associated with "Groupware" by "Horde".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34838 | Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.156, 25.0.90, and 26... | Not Provided | 2026-04-02 | 2026-04-02 |
| CVE-2026-33755 | Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.158, 25.0.92, and 26... | Not Provided | 2026-03-27 | 2026-03-27 |
| CVE-2021-26929 | An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3... | 6.1 - MEDIUM | 2021-02-14 | 2021-04-19 |
| CVE-2020-8866 | This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edi... | 6.5 - MEDIUM | 2020-03-23 | 2022-10-07 |
| CVE-2020-8865 | This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Ed... | 6.3 - MEDIUM | 2020-03-23 | 2022-10-07 |
| CVE-2020-8518 | Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. | 9.8 - CRITICAL | 2020-02-17 | 2023-11-07 |
| CVE-2020-8035 | The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (X... | 6.1 - MEDIUM | 2020-05-18 | 2020-06-01 |
| CVE-2020-8034 | Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-... | 6.1 - MEDIUM | 2020-05-18 | 2020-05-31 |
| CVE-2019-12095 | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by th... | 8.8 - HIGH | 2019-10-24 | 2020-08-24 |
| CVE-2019-12094 | Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?fo... | 6.1 - MEDIUM | 2019-10-24 | 2019-12-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Horde | Groupware | 5.2.9 | All | All | All |
| Application | Horde | Groupware | 5.2.9 | All | All | All |
| Application | Horde | Groupware | 5.2.8 | All | All | All |
| Application | Horde | Groupware | 5.2.8 | All | All | All |
| Application | Horde | Groupware | 5.2.7 | All | All | All |
| Application | Horde | Groupware | 5.2.7 | All | All | All |
| Application | Horde | Groupware | 5.2.6 | All | All | All |
| Application | Horde | Groupware | 5.2.6 | All | All | All |
| Application | Horde | Groupware | 5.2.5 | All | All | All |
| Application | Horde | Groupware | 5.2.5 | All | All | All |
| Application | Horde | Groupware | 5.2.4 | All | All | All |
| Application | Horde | Groupware | 5.2.4 | All | All | All |
| Application | Horde | Groupware | 5.2.3 | All | All | All |
| Application | Horde | Groupware | 5.2.3 | All | All | All |
| Application | Horde | Groupware | 5.2.23 | All | All | All |
| Application | Horde | Groupware | 5.2.22 | All | All | All |
| Application | Horde | Groupware | 5.2.22 | All | All | All |
| Application | Horde | Groupware | 5.2.22 | All | All | All |
| Application | Horde | Groupware | 5.2.21 | All | All | All |
| Application | Horde | Groupware | 5.2.21 | All | All | All |