CVE-2026-8851 | Alinto SOGo up to 5.12.7 addUserInAcls Endpoint /acls sogo_acl uid sql injection

A vulnerability was found in Alinto SOGo up to 5.12.7. It has been rated as critical. This issue affects the function sogo_acl of the file /acls of the component addUserInAcls Endpoint. The manipulation of the argument uid leads to sql injection.

This vulnerability is documented as CVE-2026-8851. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More