Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
Max CVSS
6.5
EPSS Score
0.07%
Published
2023-05-23
Updated
2023-05-31
Operation restriction bypass in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to alter the file information and/or delete the files.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-11
Updated
2022-07-15
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
Max CVSS
6.5
EPSS Score
0.14%
Published
2022-07-04
Updated
2022-07-12
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
Max CVSS
6.5
EPSS Score
0.09%
Published
2022-07-11
Updated
2022-07-15
Operation restriction bypass vulnerability in Space of Cybozu Garoon 4.0.0 to 5.9.0 allows a remote authenticated attacker to delete the data of Space.
Max CVSS
8.1
EPSS Score
0.16%
Published
2022-07-04
Updated
2022-07-12
Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.
Max CVSS
6.1
EPSS Score
0.11%
Published
2022-07-04
Updated
2022-07-11
Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.11%
Published
2021-08-18
Updated
2022-09-30
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.11%
Published
2021-08-18
Updated
2021-08-24
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.11%
Published
2021-08-18
Updated
2021-08-24
Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors.
Max CVSS
8.0
EPSS Score
0.08%
Published
2021-08-18
Updated
2021-08-24
Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector.
Max CVSS
6.5
EPSS Score
0.09%
Published
2020-11-06
Updated
2020-11-16
Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.13%
Published
2020-06-30
Updated
2021-07-21
Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.50%
Published
2020-06-30
Updated
2021-07-21
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.23%
Published
2020-06-30
Updated
2021-07-21
Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.16%
Published
2020-06-30
Updated
2020-07-02
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.
Max CVSS
8.1
EPSS Score
0.14%
Published
2020-06-30
Updated
2021-07-21
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2020-04-28
Updated
2020-04-30
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.
Max CVSS
7.5
EPSS Score
0.49%
Published
2020-04-28
Updated
2020-04-30
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2020-04-28
Updated
2020-04-30
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.6
EPSS Score
0.11%
Published
2019-09-12
Updated
2019-09-13
Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.
Max CVSS
6.1
EPSS Score
0.13%
Published
2019-09-12
Updated
2019-09-13
Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen.
Max CVSS
6.1
EPSS Score
0.13%
Published
2019-05-17
Updated
2019-05-20
Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon.
Max CVSS
9.8
EPSS Score
1.27%
Published
2019-05-17
Updated
2020-08-24
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17
68 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!