Cybozu Inc Cybozu Garoon vulnerabilities
127 known vulnerabilities affecting cybozu_inc/cybozu_garoon.
Total CVEs
127
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH15MEDIUM108LOW2
Vulnerabilities
Page 5 of 7
CVE-2021-20774P4MEDIUMCVSS 5.4v4.0.0 to 5.5.02021-08-18
CVE-2021-20774 [MEDIUM] CWE-79 CVE-2021-20774: Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allow
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
nvd
CVE-2016-7801P4MEDIUMCVSS 4.3v3.0.0 to 4.2.22017-06-09
CVE-2016-7801 [MEDIUM] CWE-284 CVE-2016-7801: Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other u
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
nvd
CVE-2021-20763P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20763 [MEDIUM] CVE-2021-20763: Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a rem
Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.
nvd
CVE-2021-20756P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20756 [MEDIUM] CVE-2021-20756: Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.
nvd
CVE-2021-20755P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20755 [MEDIUM] CVE-2021-20755: Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege.
nvd
CVE-2020-5582P4MEDIUMCVSS 4.3v4.0.0 to 5.0.12020-06-30
CVE-2020-5582 [MEDIUM] CVE-2020-5582: Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to a
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.
nvd
CVE-2022-29471P4MEDIUMCVSS 4.3v4.6.0 to 5.9.02022-07-04
CVE-2022-29471 [MEDIUM] CVE-2022-29471: Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated a
Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
nvd
CVE-2022-30943P4MEDIUMCVSS 4.3v4.0.0 to 5.9.12022-07-11
CVE-2022-30943 [MEDIUM] CVE-2022-30943: Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remot
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
nvd
CVE-2022-28718P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-28718 [MEDIUM] CVE-2022-28718: Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remot
Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of Bulletin.
nvd
CVE-2022-26054P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-26054 [MEDIUM] CVE-2022-26054: Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote a
Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
nvd
CVE-2022-26051P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-26051 [MEDIUM] CVE-2022-26051: Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote
Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
nvd
CVE-2022-31472P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-11
CVE-2022-31472 [MEDIUM] CVE-2022-31472: Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote a
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
nvd
CVE-2022-28692P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-28692 [MEDIUM] CWE-20 CVE-2022-28692: Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote
Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
nvd
CVE-2024-31402P4MEDIUMCVSS 4.3v5.0.0 to 5.15.22024-06-11
CVE-2024-31402 [MEDIUM] CWE-863 CVE-2024-31402: Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
nvd
CVE-2017-2092P4MEDIUMCVSS 5.4v3.0.0 to 4.2.32017-04-28
CVE-2017-2092 [MEDIUM] CWE-79 CVE-2017-2092: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attac
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2019-5947P4MEDIUMCVSS 5.4v4.6.0 to 4.10.12019-05-17
CVE-2019-5947 [MEDIUM] CWE-79 CVE-2019-5947: Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated atta
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
nvd
CVE-2018-0551P4MEDIUMCVSS 5.4v3.0.0 to 4.6.12018-04-16
CVE-2018-0551 [MEDIUM] CWE-79 CVE-2018-0551: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attac
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2018-0549P4MEDIUMCVSS 5.4v3.0.0 to 4.6.02018-04-16
CVE-2018-0549 [MEDIUM] CWE-79 CVE-2018-0549: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attac
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2017-2256P4MEDIUMCVSS 5.4v3.0.0 to 4.2.52017-08-29
CVE-2017-2256 [MEDIUM] CWE-79 CVE-2017-2256: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbi
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
nvd
CVE-2017-2255P4MEDIUMCVSS 5.4v3.7.0 to 4.2.52017-08-29
CVE-2017-2255 [MEDIUM] CWE-79 CVE-2017-2255: Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbi
Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".
nvd