Show filters
53 Total Results
Displaying 1-10 of 53
Sort by:
Attacker Value
Unknown

CVE-2017-2256

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
0
0
Attacker Value
Unknown

CVE-2017-2257

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function.
0
0
Attacker Value
Unknown

CVE-2017-2254

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input
0
0
Attacker Value
Unknown

CVE-2017-2255

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".
0
0
Attacker Value
Unknown

CVE-2017-2144

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user's file through a specially crafted page.
0
0
Attacker Value
Unknown

CVE-2017-2146

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.
0
0
Attacker Value
Unknown

CVE-2016-7801

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4909

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4907

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2016-4906

Disclosure Date: June 09, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.
0
0
View More Topics  Next >