Show filters
35 Total Results
Displaying 1-10 of 35
Sort by:
Attacker Value
Unknown

CVE-2017-2256

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
0
0
Attacker Value
Unknown

CVE-2017-2257

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function.
0
0
Attacker Value
Unknown

CVE-2017-2144

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page.
0
0
Attacker Value
Unknown

CVE-2017-2146

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.
0
0
Attacker Value
Unknown

CVE-2016-7801

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4909

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4907

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4906

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
0
0
Attacker Value
Unknown

CVE-2016-4910

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4908

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.
0
0
View More Topics  Next >