XSS in Intermesh Groupoffice

CVE-2025-48368

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a DOM-based Cross-Site Scripting (XSS) vulnerability exists in the GroupOffice application, allowing attackers to exe…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (35.6th percentile) — read the EPSS interpretation.