Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code.
{ "binaries": [ { "binary_name": "sogo", "binary_version": "5.10.0-2" }, { "binary_name": "sogo-activesync", "binary_version": "5.10.0-2" }, { "binary_name": "sogo-activesync-dbgsym", "binary_version": "5.10.0-2" }, { "binary_name": "sogo-common", "binary_version": "5.10.0-2" }, { "binary_name": "sogo-dbgsym", "binary_version": "5.10.0-2" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }