Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 13 results


CVE-2024-24510

Medium priority
Needs evaluation

Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component.

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-34462

Medium priority
Needs evaluation

Alinto SOGo through 5.10.0 allows XSS during attachment preview.

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-48104

Medium priority
Needs evaluation

Alinto SOGo before 5.9.1 is vulnerable to HTML Injection.

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-22402

Medium priority
Vulnerable

Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code.

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Not affected Vulnerable Needs evaluation Needs evaluation
Show less packages

CVE-2022-4558

Medium priority
Needs evaluation

A vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads...

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-4556

Medium priority
Needs evaluation

A vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The...

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-33054

Medium priority
Needs evaluation

SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication...

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2015-5395

Medium priority
Vulnerable

Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-6191

Medium priority
Vulnerable

Multiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL,...

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-6190

Low priority
Vulnerable

SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the "View the Date &...

1 affected packages

sogo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sogo Not in release Not affected Not affected Not affected Vulnerable
Show less packages