Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown

CVE-2017-2256

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo".
0
0
Attacker Value
Unknown

CVE-2017-2257

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function.
0
0
Attacker Value
Unknown

CVE-2017-2258

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".
0
0
Attacker Value
Unknown

CVE-2017-2254

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input
0
0
Attacker Value
Unknown

CVE-2017-2255

Disclosure Date: August 29, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".
0
0
Attacker Value
Unknown

CVE-2017-2145

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2017-2146

Disclosure Date: July 07, 2017 (last updated November 26, 2024)
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu.
0
0