Vendor
Groupsession
Products
4
CVEs
2
Across products
2
Status
Private
Products
4- 1 CVE
- 1 CVE
- 0 CVEs
- 0 CVEs
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-2165 | Med | 0.42 | 6.5 | 0.00 | Jun 9, 2017 | GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors. | |
| CVE-2025-65120 | 0.00 | — | 0.00 | Dec 12, 2025 | Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1. If a user accesses a crafted page or URL, an arbitrary script may be executed on the web browser of the user. |