Sign in Get started

← All advisories

Unrated severityOSV Advisory· Published Dec 4, 2025· Updated Dec 5, 2025

CVE-2025-63499

CVE-2025-63499

Description

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter.

Affected products

1

Alinto/SogoOSV
Range: SOGo-2.0.1, SOGo-2.0.2, SOGo-2.2.17a, …

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

email.example.com/SOGo/so/victim@example.com/Mail/viewmitre

News mentions

0

No linked articles in our index yet.