Egroupware/egroupware
This hub aggregates every CVE we track for Egroupware/egroupware, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM1CRITICAL1
Monthly trend
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Egroupware/egroupware.
- CVE-2026-22243EGroupware has SQL Injection in Nextmatch Filter Processing8.8
- CVE-2024-40614EGroupware before 23.1.20240624 mishandles an ORDER BY clause. This leads to json.php?menuaction=EGroupware\Api\Etemplate\Widget\Nextmatch::ajax_get_rows sort.id SQL injection by authenticated user...9.8
- CVE-2017-14920Stored XSS vulnerability in eGroupware Community Edition before 16.1.20170922 allows an unauthenticated remote attacker to inject JavaScript via the User-Agent HTTP header, which is mishandled duri...6.1
- CVE-2010-3313phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 bef...7.5
Product normalization is registry-driven with AI assist and human review. How it works