CVE-2025-25191
- Source
- https://cve.org/CVERecord?id=CVE-2025-25191
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-25191.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-25191
- Aliases
-
- GHSA-j7p3-v652-p3gf
- Published
- 2025-03-06T18:41:00.761Z
- Modified
- 2026-04-10T05:23:11.782161Z
- Severity
-
- 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N CVSS Calculator
- Summary
- Group-Office has a Stored XSS Vulnerability via user's name field
- Details
-
Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-79" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/25xxx/CVE-2025-25191.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/25xxx/CVE-2025-25191.json
- https://github.com/Intermesh/groupoffice/security/advisories/GHSA-j7p3-v652-p3gf
- https://nvd.nist.gov/vuln/detail/CVE-2025-25191
- https://github.com/Intermesh/groupoffice/commit/c5c83e19a5cdf93b0e758726c97597861f1d6eda
Affected packages
Git / github.com/intermesh/groupoffice
Affected ranges
- Type
- GIT
- Repo
- https://github.com/intermesh/groupoffice
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v6.*
v6.3.1
v6.3.10
v6.3.11
v6.3.12
v6.3.14
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.3.8
v6.4.23
v6.4.25
v6.4.26
v6.4.27
v6.4.28
v6.4.29
v6.4.30
v6.4.31
v6.4.32
v6.4.33
v6.4.34
v6.4.35
v6.4.36
v6.4.37
v6.4.38
v6.4.39
v6.4.40
v6.4.41
v6.4.42
v6.4.43
v6.4.44
v6.4.49
v6.4.50
v6.4.51
v6.5.30
v6.5.31
v6.5.32
v6.5.33
v6.5.34
v6.5.35
v6.5.36
v6.5.37
v6.5.38
v6.5.39
v6.5.41
v6.5.42
v6.5.43
v6.5.44
v6.5.45
v6.5.46
v6.5.47
v6.5.48
v6.5.49
v6.5.50
v6.5.51
v6.5.52
v6.5.53
v6.5.54
v6.5.55
v6.5.56
v6.5.57
v6.5.58
v6.5.59
v6.5.60
v6.5.61
v6.5.62
v6.5.63
v6.5.64
v6.5.65
v6.5.66
v6.5.67
v6.5.68
v6.5.69
v6.5.70
v6.5.71
v6.5.72
v6.5.73
v6.5.74
v6.5.75
v6.5.76
v6.5.77
v6.5.78
v6.5.79
v6.5.80
v6.5.81
v6.5.82
v6.5.84
v6.5.85
v6.5.86
v6.5.88
v6.5.89
v6.5.90
v6.5.91
v6.5.92
v6.5.93
v6.5.95
v6.5.96
v6.6.100
v6.6.102
v6.6.103
v6.6.104
v6.6.105
v6.6.106
v6.6.107
v6.6.110
v6.6.117
v6.6.118
v6.6.119
v6.6.124
v6.6.125
v6.6.126
v6.6.127
v6.6.128
v6.6.129
v6.6.130
v6.6.131
v6.6.132
v6.6.133
v6.6.134
v6.6.135
v6.6.136
v6.6.137
v6.6.138
v6.6.139
v6.6.140
v6.6.141
v6.6.143
v6.6.27
v6.6.28
v6.6.29
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.70
v6.6.71
v6.6.72
v6.6.81
v6.6.82
v6.6.83
v6.6.84
v6.6.85
v6.6.86
v6.6.87
v6.6.88
v6.6.89
v6.6.90
v6.6.91
v6.6.92
v6.6.93
v6.6.94
v6.6.95
v6.6.96
v6.6.97
v6.6.98
v6.6.99
v6.7.10
v6.7.11
v6.7.12
v6.7.13
v6.7.14
v6.7.15
v6.7.17
v6.7.19
v6.7.20
v6.7.22
v6.7.24
v6.7.25
v6.7.26
v6.7.27
v6.7.28
v6.7.29
v6.7.30
v6.7.31
v6.7.32
v6.7.33
v6.7.35
v6.7.36
v6.7.37
v6.7.38
v6.7.39
v6.7.40
v6.7.41
v6.7.42
v6.7.43
v6.7.44
v6.7.8
v6.7.9
v6.8.10
v6.8.11
v6.8.12
v6.8.14
v6.8.15
v6.8.16
v6.8.17
v6.8.18
v6.8.19
v6.8.21
v6.8.23
v6.8.24
v6.8.25
v6.8.26
v6.8.28
v6.8.29
v6.8.30
v6.8.31
v6.8.32
v6.8.33
v6.8.34
v6.8.35
v6.8.37
v6.8.38
v6.8.39
v6.8.40
v6.8.41
v6.8.42
v6.8.43
v6.8.44
v6.8.45
v6.8.47
v6.8.49
v6.8.50
v6.8.54
v6.8.56
v6.8.57
v6.8.58
v6.8.59
v6.8.6
v6.8.60
v6.8.61
v6.8.62
v6.8.63
v6.8.64
v6.8.66
v6.8.69
v6.8.7
v6.8.70
v6.8.73
v6.8.76
v6.8.77
v6.8.79
v6.8.83
v6.8.84
v6.8.85
v6.8.87
v6.8.88
v6.8.9
v6.8.90
v6.8.93
v6.8.94
v6.8.95
v6.8.96
v6.8.97
v6.8.98