Skip to content

GHSA lookup

GHSA-H9QX-V5XP-PH8P

Pruva has a verified reproduction for GHSA-H9QX-V5XP-PH8P: EGroupware contains an authorization bypass in SmallPartMediaRecorder::ajax_upload combined with arbitrary file write and file read primitives, enabling authenticated (or self-registered) attackers to overwrite header.inc.php and achieve remote code execution.. The canonical evidence record is REPRO-2026-00272.

REPRO

REPRO-2026-00272

Package

egroupware/egroupware · Composer

Severity

CRITICAL

Status

published