cbcvebase.
CVE-2025-30191
published 2025-10-31

CVE-2025-30191: Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to perform unintended actions or provide sensitive information…

PriorityP425medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
EPSS
0.18%
7.4th percentile
Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to perform unintended actions or provide sensitive information to a third party which would enable further threats. Attribute values containing HTML fragments are now denied by the sanitization procedure. No publicly available exploits are known

Affected

1 ranges
VendorProductVersion rangeFixed in
open-xchange_gmbhox_app_suite<= 7.6.3-rev77
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.