CVE-2020-7810

Name of the Vulnerable Software and Affected Versions Groupware (affected versions not specified)

Description The issue is related to the hslogin2.dll ActiveX Control in Groupware, which lacks integrity verification of policy files during the update process. This allows a remote attacker to induce a user to visit a crafted web page, potentially leading to malicious code infection by downloading and executing remote files. The attacker can exploit this by setting specific arguments to the ActiveX method.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.