CVE-2026-3054 | Alinto SOGo 5.12.3/5.12.4 hint cross site scripting

Inserito da Angelo Barbosa | Feb 23, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting.

This vulnerability is documented as CVE-2026-3054. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-3054 | Alinto SOGo 5.12.3/5.12.4 hint cross site scripting

Post correlati

CVE-2023-47701 | IBM DB2/DB2 Connect Server 10.5/11.1/11.5 Query denial of service (XFDB-266166)

CVE-2025-12891 | Survey Maker Plugin up to 5.1.9.4 on WordPress AJAX Endpoint ays_survey_show_results authorization

CVE-2025-11186 | Cookie Notice & Compliance for GDPR CCPA Plugin up to 2.5.8 on WordPress Shortcode cookies_accepted cross site scripting

CVE-2025-30669 | Zoom Workplace/Workplace VDI Client/Meeting SDK prior 6.5.10 certificate validation