Groove Networks Groove Virtual Office SharePoint Lists Arbitrary Script Injection Vulnerability

Groove Networks Groove Virtual Office SharePoint Lists Arbitrary Script Injection Vulnerability

Groove Virtual Office is affected by an arbitrary script injection vulnerability.

User-supplied data is not properly sanitized from SharePoint lists and is copied into Groove Mobile Workspace. This can allow an attacker to inject and execute script code in the context of the application, which can lead to various attacks.