CVE-2026-30237 - CVE Details, Severity, and Analysis | Strobes VI
breakout.. This issue has been patched in versions 6.8.155, 25.0.88, and 26.0.10.","datePublished":"2026-03-09T16:21:36.545000","dateModified":"2026-03-09T17:59:10.320000","author":{"@type":"Organization","name":"Strobes Security","url":"https://strobes.co"},"publisher":{"@type":"Organization","name":"Strobes VI","url":"https://vi.strobes.co"},"mainEntityOfPage":{"@type":"WebPage","@id":"https://vi.strobes.co/cve/CVE-2026-30237"},"about":{"@type":"Thing","name":"CVE-2026-30237","description":"Security vulnerability CVE-2026-30237 with CVSS score 0"},"keywords":["CVE-2026-30237","CVE","vulnerability","security","low"]} breakout.. This issue has been patched in versions 6.8.155, 25.0.88, and 26.0.10."}},{"@type":"Question","name":"What is the severity of CVE-2026-30237?","acceptedAnswer":{"@type":"Answer","text":"CVE-2026-30237 has a CVSS v3 score of 0, which is classified as Low severity."}},{"@type":"Question","name":"Is there an exploit available for CVE-2026-30237?","acceptedAnswer":{"@type":"Answer","text":"No known public exploits are currently available for CVE-2026-30237."}},{"@type":"Question","name":"Is there a patch available for CVE-2026-30237?","acceptedAnswer":{"@type":"Answer","text":"No official patches have been released yet for CVE-2026-30237. Consider implementing workarounds or mitigations."}}]}
CVE-2026-30237
Published: March 9, 2026
Last updated:
Exploit: NoZero-day: NoPatch: No
TL;DR
CVE-2026-30237 is a low severity vulnerability with a CVSS score of 0.0. No known public exploits at this time.
Key Points
1Low severity (CVSS 0.0/10)
2No known public exploits
3
Severity Scores
CVSS v30.0
CVSS v20.0
Priority Score0.0
EPSS Score0.0
None
Cite This Page
APA Format
Strobes VI. (2026). CVE-2026-30237 - CVE Details and Analysis. Strobes VI. Retrieved March 10, 2026, from https://vi.strobes.co/cve/CVE-2026-30237
Quick copy link + title
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.
Trend: Neutral
No official patches released yet
Exploitation LikelihoodMinimal
0.00%EPSS
Very low probability of exploitation
Monitor and patch as resources allow
0.00%
EPSS
0.0
CVSS
No
Exploit
No
Patch
Medium Priority
no patch
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
Description
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.155, 25.0.88, and 26.0.10, there is a reflected XSS vulnerability in the GroupOffice installer, endpoint install/license.php. The POST field license is rendered without escaping inside a <textarea>, allowing a </textarea><script>...</script> breakout.. This issue has been patched in versions 6.8.155, 25.0.88, and 26.0.10.