CVE-2026-27832
Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection (SQLi) vulnerability, exploitable through the `advancedQueryData` parameter (`comparator` field) on an authenticated endpoint. The endpoint `index.php?r=email/template/emailSelection` processes `advancedQueryData` and forwards the SQL comparator without a strict allowlist into SQL condition building. This enables blind boolean-based exfiltration of the `core_auth_password` table. Versions 26.0.8, 25.0.87, and 6.8.153 fix the issue.
| CWE | CWE-89 |
| Vendor | intermesh |
| Product | groupoffice |
| Published | Feb 27, 2026 |
| Last Updated | Mar 2, 2026 |
Affected Versions
Intermesh / groupoffice
< 6.8.153; >= 25.0.0, < 25.0.87; >= 26.0.0, < 26.0.8
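
The description above attributes the flaw to a comparator that reaches SQL condition building without a strict allowlist. The following is an added example of that control, not Group-Office's own code: `buildCondition`, the field-to-column map and the sample rows are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not Group-Office code): turns one client-supplied
// advanced-query row (field, comparator, value) into a SQL condition.
const ALLOWED_COMPARATORS = ['=', '!=', '<', '<=', '>', '>=', 'LIKE', 'NOT LIKE'];

// Assumed map for this example: client field name => SQL column.
const ALLOWED_FIELDS = ['name' => 't.name', 'email' => 't.email', 'mtime' => 't.mtime'];

function buildCondition(array $row): array
{
    $field = $row['field'] ?? null;
    $comparator = $row['comparator'] ?? null;
    $value = $row['value'] ?? null;
    if (!is_string($field) || !is_string($comparator)) {
        throw new InvalidArgumentException('malformed criterion');
    }
    // Exact, strict match against a fixed list: no regex, no partial match.
    $comparator = strtoupper(trim($comparator));
    if (!in_array($comparator, ALLOWED_COMPARATORS, true)) {
        throw new InvalidArgumentException('comparator not allowed');
    }
    if (!array_key_exists($field, ALLOWED_FIELDS)) {
        throw new InvalidArgumentException('field not allowed');
    }
    if ($value !== null && !is_scalar($value)) {
        throw new InvalidArgumentException('value must be scalar');
    }
    // Only allowlisted constants reach the SQL text; the value is bound.
    return [ALLOWED_FIELDS[$field] . ' ' . $comparator . ' ?', [$value]];
}

// Constructed sample rows: one ordinary filter, one comparator carrying SQL.
$samples = [
    ['field' => 'name', 'comparator' => 'like', 'value' => 'A%'],
    ['field' => 'name', 'comparator' => "= '' OR 1=1 --", 'value' => 'x'],
];
foreach ($samples as $row) {
    try {
        [$sql, $params] = buildCondition($row);
        echo "accepted: $sql ", json_encode($params), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

The returned SQL fragment and parameter list are meant for a prepared statement; rejected rows are worth logging, since a legitimate client never sends a comparator outside the list.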