CVE-2025-48992 | Intermesh groupoffice up to 6.8.122/25.0.26 User Profile Name cross site scripting (GHSA-j35g-q5mc-jwgp)

A vulnerability, which was classified as problematic, was found in Intermesh groupoffice up to 6.8.122/25.0.26. Affected is an unknown function of the component User Profile Handler. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is traded as CVE-2025-48992. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More