Cybozu Inc Cybozu Garoon vulnerabilities
127 known vulnerabilities affecting cybozu_inc/cybozu_garoon.
Total CVEs
127
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH15MEDIUM108LOW2
Vulnerabilities
Page 7 of 7
CVE-2019-5932P4MEDIUMCVSS 4.8v4.6.0 to 4.6.32019-05-17
CVE-2019-5932 [MEDIUM] CWE-79 CVE-2019-5932: Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attac
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'.
nvd
CVE-2017-2146P4MEDIUMCVSS 4.8v3.0.0 to 4.2.42017-07-07
CVE-2017-2146 [MEDIUM] CWE-79 CVE-2017-2146: Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.
nvd
CVE-2020-5585P4MEDIUMCVSS 4.8v5.0.0 to 5.0.12020-06-30
CVE-2020-5585 [MEDIUM] CWE-79 CVE-2020-5585: Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrato
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
nvd
CVE-2017-2093P4MEDIUMCVSS 4.3v3.0.0 to 4.2.32017-04-28
CVE-2017-2093 [MEDIUM] CWE-200 CVE-2017-2093: Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens used for CSRF protection via un
Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens used for CSRF protection via unspecified vectors.
nvd
CVE-2016-4909P4MEDIUMCVSS 4.3v3.0.0 to 4.2.22017-06-09
CVE-2016-4909 [MEDIUM] CWE-352 CVE-2016-4909: Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attack
Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.
nvd
CVE-2018-0532P4LOWCVSS 2.7v3.0.0 to 4.2.62018-04-16
CVE-2018-0532 [LOW] CWE-79 CVE-2018-0532: Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to a
Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.
nvd
CVE-2021-20761P4LOWCVSS 2.7v4.0.0 to 5.0.22021-08-18
CVE-2021-20761 [LOW] CWE-20 CVE-2021-20761: Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote at
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.
nvd
← Previous7 / 7