Please make sure your tine-groupware is always up to date but report your vulnerability either way if it's in a recent release or in a previous one.
Report vulnerabilties to:
Please use pgp encryption for e-mail communication with our security-team.
Our pgp key is published e.g. to https://keys.mailvelope.com. Figerprint is:
D1E3 B9AF 10E3 D7D5 67F4 E963 6127 0D7C 7036 F259
Make sure you specify either the commit or the version (e.g. 2020.03.4) which is affected.