{"id":"CVE-2024-23941","details":"Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.","modified":"2026-04-10T05:09:42.628812Z","published":"2024-02-01T04:15:49.967Z","references":[{"type":"WEB","url":"https://github.com/Intermesh/groupoffice/"},{"type":"WEB","url":"https://www.group-office.com/"},{"type":"ADVISORY","url":"https://jvn.jp/en/jp/JVN63567545/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/intermesh/groupoffice","events":[{"introduced":"0"},{"fixed":"a19402ad2827aa1be101986fae4064736ce94ae2"},{"introduced":"b7193441ed2550ce7bfb4fd5c3471fbb5ebb9eb8"},{"fixed":"0f9eba14a5e1d6095574e9871ddd4debb23ed0d7"},{"introduced":"0"},{"fixed":"56097129ed83e5848865feb7eb6bae66bb1c9539"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.6.182"},{"introduced":"6.7.0"},{"fixed":"6.7.64"},{"introduced":"6.8.0"},{"fixed":"6.8.31"}]}}],"versions":["v6.3.1","v6.3.10","v6.3.11","v6.3.12","v6.3.14","v6.3.3","v6.3.4","v6.3.5","v6.3.6","v6.3.7","v6.3.8","v6.4.23","v6.4.25","v6.4.26","v6.4.27","v6.4.28","v6.4.29","v6.4.30","v6.4.31","v6.4.32","v6.4.33","v6.4.34","v6.4.35","v6.4.36","v6.4.37","v6.4.38","v6.4.39","v6.4.40","v6.4.41","v6.4.42","v6.4.43","v6.4.44","v6.4.49","v6.4.50","v6.4.51","v6.5.30","v6.5.31","v6.5.32","v6.5.33","v6.5.34","v6.5.35","v6.5.36","v6.5.37","v6.5.38","v6.5.39","v6.5.41","v6.5.42","v6.5.43","v6.5.44","v6.5.45","v6.5.46","v6.5.47","v6.5.48","v6.5.49","v6.5.50","v6.5.51","v6.5.52","v6.5.53","v6.5.54","v6.5.55","v6.5.56","v6.5.57","v6.5.58","v6.5.59","v6.5.60","v6.5.61","v6.5.62","v6.5.63","v6.5.64","v6.5.65","v6.5.66","v6.5.67","v6.5.68","v6.5.69","v6.5.70","v6.5.71","v6.5.72","v6.5.73","v6.5.74","v6.5.75","v6.5.76","v6.5.77","v6.5.78","v6.5.79","v6.5.80","v6.5.81","v6.5.82","v6.5.84","v6.5.85","v6.5.86","v6.5.88","v6.5.89","v6.5.90","v6.5.91","v6.5.92","v6.5.93","v6.5.95","v6.5.96","v6.6.100","v6.6.102","v6.6.103","v6.6.104","v6.6.105","v6.6.106","v6.6.107","v6.6.110","v6.6.117","v6.6.118","v6.6.119","v6.6.124","v6.6.125","v6.6.126","v6.6.127","v6.6.128","v6.6.129","v6.6.130","v6.6.131","v6.6.132","v6.6.133","v6.6.134","v6.6.135","v6.6.136","v6.6.137","v6.6.138","v6.6.139","v6.6.140","v6.6.141","v6.6.143","v6.6.144","v6.6.145","v6.6.146","v6.6.147","v6.6.148","v6.6.150","v6.6.151","v6.6.152","v6.6.153","v6.6.154","v6.6.155","v6.6.156","v6.6.157","v6.6.158","v6.6.159","v6.6.160","v6.6.161","v6.6.162","v6.6.163","v6.6.164","v6.6.165","v6.6.166","v6.6.167","v6.6.168","v6.6.169","v6.6.170","v6.6.171","v6.6.172","v6.6.173","v6.6.174","v6.6.175","v6.6.176","v6.6.177","v6.6.178","v6.6.179","v6.6.180","v6.6.181","v6.6.27","v6.6.28","v6.6.29","v6.6.30","v6.6.31","v6.6.32","v6.6.33","v6.6.34","v6.6.35","v6.6.36","v6.6.37","v6.6.38","v6.6.39","v6.6.40","v6.6.41","v6.6.42","v6.6.43","v6.6.44","v6.6.45","v6.6.46","v6.6.47","v6.6.48","v6.6.49","v6.6.50","v6.6.51","v6.6.52","v6.6.53","v6.6.54","v6.6.55","v6.6.56","v6.6.57","v6.6.58","v6.6.59","v6.6.60","v6.6.61","v6.6.62","v6.6.63","v6.6.64","v6.6.65","v6.6.66","v6.6.67","v6.6.68","v6.6.69","v6.6.70","v6.6.71","v6.6.72","v6.6.81","v6.6.82","v6.6.83","v6.6.84","v6.6.85","v6.6.86","v6.6.87","v6.6.88","v6.6.89","v6.6.90","v6.6.91","v6.6.92","v6.6.93","v6.6.94","v6.6.95","v6.6.96","v6.6.97","v6.6.98","v6.6.99","v6.7.10","v6.7.11","v6.7.12","v6.7.13","v6.7.14","v6.7.15","v6.7.17","v6.7.19","v6.7.20","v6.7.22","v6.7.24","v6.7.25","v6.7.26","v6.7.27","v6.7.28","v6.7.29","v6.7.30","v6.7.31","v6.7.32","v6.7.33","v6.7.35","v6.7.36","v6.7.37","v6.7.38","v6.7.39","v6.7.40","v6.7.41","v6.7.42","v6.7.43","v6.7.44","v6.7.45","v6.7.46","v6.7.47","v6.7.48","v6.7.49","v6.7.51","v6.7.52","v6.7.53","v6.7.54","v6.7.55","v6.7.56","v6.7.57","v6.7.58","v6.7.59","v6.7.60","v6.7.61","v6.7.62","v6.7.63","v6.7.8","v6.7.9","v6.8.10","v6.8.11","v6.8.12","v6.8.14","v6.8.15","v6.8.16","v6.8.17","v6.8.18","v6.8.19","v6.8.21","v6.8.23","v6.8.24","v6.8.25","v6.8.26","v6.8.28","v6.8.29","v6.8.30","v6.8.6","v6.8.7","v6.8.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-23941.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}