Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-30
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-05-23
Updated
2023-05-31
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-05-23
Updated
2023-05-31
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Browsing restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-11
Updated
2022-07-15
Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-11
Updated
2022-07-15
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
Max CVSS
6.5
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary script.
Max CVSS
4.8
EPSS Score
0.07%
Published
2022-07-04
Updated
2022-07-12
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
Max CVSS
6.5
EPSS Score
0.09%
Published
2022-07-11
Updated
2022-07-15
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-04
Updated
2022-07-12
Browse restriction bypass vulnerability in Bulletin of Cybozu Garoon allows a remote authenticated attacker to obtain the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Address information disclosure vulnerability in Cybozu Garoon 4.2.0 to 5.5.1 allows a remote authenticated attacker to obtain some data of Address.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a remote authenticated attacker to alter the data of Bulletin.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper authentication vulnerability in Scheduler of Cybozu Garoon 4.10.0 to 5.5.1 allows a remote attacker to obtain some data of Facility Information without logging in to the product.
Max CVSS
5.3
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Scheduler.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add Categories.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Space.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-12
Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.
Max CVSS
6.1
EPSS Score
0.11%
Published
2022-07-04
Updated
2022-07-11
Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet.
Max CVSS
5.5
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-07-04
Updated
2022-07-11
Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.
Max CVSS
4.3
EPSS Score
0.08%
Published
2021-08-18
Updated
2021-08-24
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
5.4
EPSS Score
0.07%
Published
2021-08-18
Updated
2021-08-24
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.
Max CVSS
4.3
EPSS Score
0.08%
Published
2021-08-18
Updated
2022-07-12