Описание
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| sogo | fixed | 5.12.4-1.2 | package | |
| sogo | fixed | 5.12.1-3+deb13u1 | trixie | package |
| sogo | fixed | 5.8.0-2+deb12u1 | bookworm | package |
Примечания
Fixed by: https://github.com/Alinto/sogo/commit/16ab99e7cf8db2c30b211f0d5e338d7f9e3a9efb
https://github.com/poblaguev-tot/CVE-2025-63499
Связанные уязвимости
CVSS3: 6.1
ubuntu
2 месяца назад
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.
CVSS3: 6.1
nvd
2 месяца назад
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.
CVSS3: 6.1
github
2 месяца назад
Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.