Cross-Site Scripting Vulnerability in Group Office Prior to v6.8.31

Cross-Site Scripting Vulnerability in Group Office Prior to v6.8.31

CVE-2024-23941 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.

Learn more about our Cis Benchmark Audit For Microsoft Office.