Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Intermesh — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting Intermesh. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Intermesh:groupoffice
CVE IDTitleCVSSSeverityPublished
CVE-2026-34838 Group-Office: Authenticated Remote Code Execution via PHP Insecure Deserialization in `AbstractSettingsCollection` — groupofficeCWE-502 10.0 Critical2026-04-02
CVE-2026-33755 Authenticated SQL Injection in Contact/query addressBookIds filter — groupofficeCWE-89 8.8 High2026-03-27
CVE-2026-30238 Group-Office: Reflected XSS in JavaScript context — groupofficeCWE-79 6.1 -2026-03-06
CVE-2026-30237 Group-Office: Self XSS in GroupOffice Installer License Page (install/license.php) — groupofficeCWE-79 6.1 -2026-03-06
CVE-2026-27947 Group-Office Vulnerable to Remote Code Execution (RCE) — groupofficeCWE-88 8.0 -2026-02-27
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator — groupofficeCWE-89 8.8 -2026-02-27
CVE-2026-25511 Group-Office is vulnerable to SSRF and File Read in WOPI service discovery — groupofficeCWE-918 6.8AIMediumAI2026-02-04
CVE-2026-25512 Group-Office is vulnerable to RCE due to Command Injection via TNEF Attachment Handler — groupofficeCWE-78 8.8AIHighAI2026-02-04
CVE-2026-25134 Group-Office Argument Injection in MaintenanceController::actionZipLanguage — groupofficeCWE-88 7.2AIHighAI2026-02-02
CVE-2026-23887 Group-Office has stored XSS vulnerability via unsanitized filenames — groupofficeCWE-79 5.4AIMediumAI2026-01-21
CVE-2025-48993 Group-Office vulnerable to reflected XSS via Look and Feel Formatting input — groupofficeCWE-79 6.1AIMediumAI2025-06-17
CVE-2025-48992 Group-Office vulnerable to blind XSS — groupofficeCWE-79 5.4AIMediumAI2025-06-16
CVE-2025-48369 GroupOffice vulnerable to Stored XSS in Tasks Comment Section — groupofficeCWE-79 5.4AIMediumAI2025-05-22
CVE-2025-48368 GroupOffice's DOM-Based XSS in all Date Input Fields Allows Arbitrary JavaScript Execution — groupofficeCWE-79 6.1AIMediumAI2025-05-22
CVE-2025-48366 GroupOffice's Blind Stored XSS in Phone Number Field Enables Forced Redirect and Unauthorized Actions — groupofficeCWE-79 5.4AIMediumAI2025-05-22
CVE-2025-25191 Group-Office has a Stored XSS Vulnerability via user's name field — groupofficeCWE-79 5.4 -2025-03-06
CVE-2024-22418 Stored Cross-site Scripting Vulnerability via Malicious File Names in GroupOffice — groupofficeCWE-79 6.5 Medium2024-01-18
CVE-2023-46730 Server-Side Request Forgery in groupoffice — groupofficeCWE-918 7.4 High2023-11-07

This page lists every published CVE security advisory associated with Intermesh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.