📦 Groupsession

This vulnerability allows remote unauthenticated attackers to access arbitrary files on GroupSession servers, potentially exposing sensitive information. It affects GroupSession Free edition, GroupSes...

A reflected cross-site scripting (XSS) vulnerability in GroupSession collaboration software allows attackers to execute arbitrary JavaScript in users' browsers by tricking them into visiting malicious...

Stored cross-site scripting (XSS) vulnerability in GroupSession products allows authenticated users to inject malicious scripts that execute in other users' browsers when they view crafted content. Th...

This vulnerability allows attackers to redirect users to arbitrary malicious websites by exploiting a default configuration in GroupSession products. It affects all users of GroupSession Free edition,...

An SQL injection vulnerability in GroupSession products allows authenticated users to execute arbitrary SQL commands. This could lead to unauthorized access, modification, or exfiltration of database ...

A stored cross-site scripting (XSS) vulnerability in GroupSession products allows attackers to inject malicious scripts that execute in users' browsers when they visit crafted pages or URLs. This affe...

A reflected cross-site scripting (XSS) vulnerability in GroupSession collaboration software allows attackers to execute arbitrary JavaScript in users' browsers by tricking them into clicking malicious...

A cross-site request forgery (CSRF) vulnerability in GroupSession collaboration software allows attackers to trick authenticated users into performing unintended actions. Users of GroupSession Free ed...

This vulnerability allows authenticated users in GroupSession to modify memo fields in Circular notices that should be non-editable due to improper authorization checks. Affected users include all org...

This CVE describes a WebSocket origin validation vulnerability in GroupSession products that allows cross-origin WebSocket connections. An attacker can craft a malicious webpage that, when visited by ...

This stored cross-site scripting (XSS) vulnerability in GroupSession products allows authenticated attackers to inject malicious scripts into web pages. When other users view the compromised pages, th...