cbcvebase.

Cybozu Inc Cybozu Garoon vulnerabilities

127 known vulnerabilities affecting cybozu_inc/cybozu_garoon.

Total CVEs
127
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH15MEDIUM108LOW2

Vulnerabilities

Page 5 of 7
CVE-2021-20774P4MEDIUMCVSS 5.4v4.0.0 to 5.5.02021-08-18
CVE-2021-20774 [MEDIUM] CWE-79 CVE-2021-20774: Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allow Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
nvd
CVE-2016-7801P4MEDIUMCVSS 4.3v3.0.0 to 4.2.22017-06-09
CVE-2016-7801 [MEDIUM] CWE-284 CVE-2016-7801: Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other u Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
nvd
CVE-2021-20763P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20763 [MEDIUM] CVE-2021-20763: Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a rem Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.
nvd
CVE-2021-20756P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20756 [MEDIUM] CVE-2021-20756: Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.
nvd
CVE-2021-20755P4MEDIUMCVSS 4.3v4.0.0 to 5.0.22021-08-18
CVE-2021-20755 [MEDIUM] CVE-2021-20755: Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege.
nvd
CVE-2020-5582P4MEDIUMCVSS 4.3v4.0.0 to 5.0.12020-06-30
CVE-2020-5582 [MEDIUM] CVE-2020-5582: Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to a Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.
nvd
CVE-2022-29471P4MEDIUMCVSS 4.3v4.6.0 to 5.9.02022-07-04
CVE-2022-29471 [MEDIUM] CVE-2022-29471: Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated a Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
nvd
CVE-2022-30943P4MEDIUMCVSS 4.3v4.0.0 to 5.9.12022-07-11
CVE-2022-30943 [MEDIUM] CVE-2022-30943: Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remot Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
nvd
CVE-2022-28718P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-28718 [MEDIUM] CVE-2022-28718: Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remot Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of Bulletin.
nvd
CVE-2022-26054P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-26054 [MEDIUM] CVE-2022-26054: Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote a Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
nvd
CVE-2022-26051P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-26051 [MEDIUM] CVE-2022-26051: Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
nvd
CVE-2022-31472P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-11
CVE-2022-31472 [MEDIUM] CVE-2022-31472: Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote a Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
nvd
CVE-2022-28692P4MEDIUMCVSS 4.3v4.0.0 to 5.5.12022-07-04
CVE-2022-28692 [MEDIUM] CWE-20 CVE-2022-28692: Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
nvd
CVE-2024-31402P4MEDIUMCVSS 4.3v5.0.0 to 5.15.22024-06-11
CVE-2024-31402 [MEDIUM] CWE-863 CVE-2024-31402: Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
nvd
CVE-2017-2092P4MEDIUMCVSS 5.4v3.0.0 to 4.2.32017-04-28
CVE-2017-2092 [MEDIUM] CWE-79 CVE-2017-2092: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attac Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2019-5947P4MEDIUMCVSS 5.4v4.6.0 to 4.10.12019-05-17
CVE-2019-5947 [MEDIUM] CWE-79 CVE-2019-5947: Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated atta Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
nvd
CVE-2018-0551P4MEDIUMCVSS 5.4v3.0.0 to 4.6.12018-04-16
CVE-2018-0551 [MEDIUM] CWE-79 CVE-2018-0551: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attac Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2018-0549P4MEDIUMCVSS 5.4v3.0.0 to 4.6.02018-04-16
CVE-2018-0549 [MEDIUM] CWE-79 CVE-2018-0549: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attac Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2017-2256P4MEDIUMCVSS 5.4v3.0.0 to 4.2.52017-08-29
CVE-2017-2256 [MEDIUM] CWE-79 CVE-2017-2256: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbi Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
nvd
CVE-2017-2255P4MEDIUMCVSS 5.4v3.7.0 to 4.2.52017-08-29
CVE-2017-2255 [MEDIUM] CWE-79 CVE-2017-2255: Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbi Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".
nvd
Cybozu Inc Cybozu Garoon vulnerabilities | cvebase