📦 Sogo

A cross-site scripting (XSS) vulnerability in Alinto SOGo versions 5.12.3 and 5.12.4 allows remote attackers to inject malicious scripts via the 'hint' argument. This affects organizations using these...

Alinto SOGo 5.12.3 contains a cross-site scripting vulnerability in the theme parameter that allows attackers to inject malicious scripts. When exploited, this can lead to session hijacking, credentia...

CVE-2025-63498 is a cross-site scripting (XSS) vulnerability in alinto SOGo 5.12.3 that allows attackers to inject malicious scripts via the 'userName' parameter. When exploited, this can lead to sess...

This vulnerability in Alinto SOGo allows cross-site scripting (XSS) attacks during attachment preview functionality. Attackers can inject malicious scripts that execute in users' browsers when they pr...