Search CVE reports
1 – 10 of 13 results
CVE-2024-24510
Medium priorityCross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component.
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-34462
Medium priorityAlinto SOGo through 5.10.0 allows XSS during attachment preview.
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-48104
Medium priorityAlinto SOGo before 5.9.1 is vulnerable to HTML Injection.
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-22402
Medium priorityCross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code.
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Not affected | Vulnerable | Needs evaluation | Needs evaluation |
CVE-2022-4558
Medium priorityA vulnerability was found in Alinto SOGo up to 5.7.1. It has been classified as problematic. This affects an unknown part of the file SoObjects/SOGo/NSString+Utilities.m of the component Folder/Mail Handler. The manipulation leads...
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-4556
Medium priorityA vulnerability was found in Alinto SOGo up to 5.7.1 and classified as problematic. Affected by this issue is the function _migrateMailIdentities of the file SoObjects/SOGo/SOGoUserDefaults.m of the component Identity Handler. The...
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-33054
Medium prioritySOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication...
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2015-5395
Medium priorityCross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-6191
Medium priorityMultiple cross-site scripting (XSS) vulnerabilities in the View Raw Source page in the Web Calendar in SOGo before 3.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Description, (2) Location, (3) URL,...
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-6190
Low prioritySOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the "View the Date &...
1 affected packages
sogo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sogo | Not in release | Not affected | Not affected | Not affected | Vulnerable |