CVE-2026-8496 | Alinto SOGo up to 5.12.7 Webmail Interface Description cross site scripting

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability described as problematic has been identified in Alinto SOGo up to 5.12.7. Affected by this vulnerability is an unknown functionality of the component Webmail Interface. Such manipulation of the argument Description leads to cross site scripting.

This vulnerability is traded as CVE-2026-8496. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-8496 | Alinto SOGo up to 5.12.7 Webmail Interface Description cross site scripting

Post correlati

CVE-2025-59898 | Flexense Sync Breeze Enterprise Server 10.4.18 /add_exclude_dir cross site scripting

CVE-2026-40948 | Apache Airflow Keycloak Provider up to 0.6.x OAuth Login cross-site request forgery

CVE-2023-37020 | Open5GS MME up to 2.6.4 S1AP Packet MME_UE_S1AP_ID denial of service

CVE-2025-41239 | VMware ESXi vSockets uninitialized resource