CVE-2026-45551 | Intermesh groupoffice up to 6.8.164/25.0.1004/26.0.24 Email saveSetting email_font_size cross site scripting

May 29, 2026 Yanac

A vulnerability identified as problematic has been detected in Intermesh groupoffice up to 6.8.164/25.0.1004/26.0.24. Affected is an unknown function of the file index.php?r=core/saveSetting of the component Email Module. This manipulation of the argument email_font_size causes cross site scripting.

This vulnerability is handled as CVE-2026-45551. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More