Group-Office (vendor) / Group Office (product) vulnerabilities
15 known vulnerabilities affecting group-office/group_office.
Total CVEs: 15
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 4, MEDIUM 11
Vulnerabilities
CVE-2026-25512 | P1 | HIGH | CVSS 8.8 | Public PoC | Fixed in 6.8.150 | Affected: ≥ 25.0.1, < 25.0.82, +1 more | Date: 2026-02-04
CWE-78 (OS command injection). Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, there is a remote code execution (RCE) vulnerability in Group-Office. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmp_file into an exec() call. By injecting shel
Source: nvd
CVE-2026-25134 | P2 | HIGH | CVSS 8.8 | Fixed in 6.8.150 | Affected: ≥ 25.0.1, < 25.0.82, +1 more | Date: 2026-02-02
CWE-88 (argument injection). Group-Office is an enterprise customer relationship management and groupware tool. Prior to 6.8.150, 25.0.82, and 26.0.5, the MaintenanceController exposes an action zipLanguage which takes a lang parameter and passes it directly to a system zip command via exec(). This can be combined with uploading a crafted zip file to achieve remote code execution.
Source: nvd
CVE-2025-63406 | P2 | HIGH | CVSS 8.8 | Fixed in 6.8.136 | Affected: ≥ 25.0.1, < 25.0.47 | Date: 2025-11-13
CWE-77 (command injection). An issue in Intermesh BV GroupOffice before v25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via dbToApi() and eval() in FunctionField.php.
Source: nvd
CVE-2023-46730 | P3 | HIGH | CVSS 8.8 | Affected: ≥ 6.3.1, < 6.6.177; ≥ 6.7.0, < 6.7.54; +1 more | Date: 2023-11-07
CWE-918 (SSRF). Group-Office is an enterprise CRM and groupware tool. In affected versions there is a full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs, which allows a malicious user to cause the server to make resource requests to untrusted domains. Note that protocols like file:// c
Source: nvd
CVE-2021-28060 | P4 | MEDIUM | CVSS 5.3 | Affected: v6.4.196 | Date: 2021-04-14
CWE-918 (SSRF). A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.
Source: nvd
CVE-2025-53505 | P4 | MEDIUM | CVSS 5.3 | Fixed in 6.8.119 | Affected: ≥ 25.0.1, < 25.0.20 | Date: 2025-08-21
CWE-22 (path traversal). Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed.
Source: nvd
CVE-2026-25511 | P4 | MEDIUM | CVSS 4.9 | Affected: ≥ 6.8.0, < 6.8.150; ≥ 25.0.1, < 25.0.82; +1 more | Date: 2026-02-04
CWE-918 (SSRF). Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The SSRF response body can be exfiltrated via the built-in
Source: nvd
CVE-2024-22418 | P4 | MEDIUM | CVSS 5.4 | Fixed in 6.8.29 | Date: 2024-01-18
CWE-79 (XSS). Group-Office is an enterprise CRM and groupware tool. Affected versions are subject to a vulnerability which is present in the file upload mechanism of Group Office. It allows an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For instance, using a filename such as “>.jpg” triggers the vulnerability. When this file
Source: nvd
CVE-2026-23887 | P4 | MEDIUM | CVSS 5.4 | Fixed in 6.8.149 | Affected: ≥ 25.0.1, < 25.0.80 | Date: 2026-01-22
CWE-20 (improper input validation). Group-Office is an enterprise customer relationship management and groupware tool. In versions 6.8.148 and below, and 25.0.1 through 25.0.79, the application stores unsanitized filenames in the database, which can lead to Stored Cross-Site Scripting (XSS). Users who interact with these specially crafted file names within the Group-Office application
Source: nvd
CVE-2024-23941 | P4 | MEDIUM | CVSS 5.4 | Fixed in 6.6.182 | Affected: ≥ 6.7.0, < 6.7.64; +1 more | Date: 2024-02-01
CWE-79 (XSS). A cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script in the web browser of a user who is logging in to the product.
Source: nvd
CVE-2025-25191 | P4 | MEDIUM | CVSS 5.4 | Affected: v6.8.99 | Date: 2025-03-06
CWE-79 (XSS). Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100.
Source: nvd
CVE-2023-25292 | P4 | MEDIUM | CVSS 6.1 | Affected: v6.6.145 | Date: 2023-04-27
CWE-79 (XSS). Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145 allows attackers to gain escalated privileges and obtain sensitive information via the GO_LANGUAGE cookie.
Source: nvd
CVE-2020-35419 | P4 | MEDIUM | CVSS 6.1 | Affected: v6.4.196 | Date: 2021-04-14
CWE-79 (XSS). Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.
Source: nvd
CVE-2020-35418 | P4 | MEDIUM | CVSS 5.4 | Affected: v6.4.196 | Date: 2021-04-14
CWE-79 (XSS). Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.
Source: nvd
CVE-2025-53504 | P4 | MEDIUM | CVSS 4.8 | Fixed in 6.8.119 | Affected: ≥ 25.0.1, < 25.0.20 | Date: 2025-08-21
CWE-79 (XSS). Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.
Source: nvd