Cybozu » Garoon : Security Vulnerabilities, CVEs, Published In 2019 (XSS)

CVE-2019-5975

DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
5.4
EPSS Score
0.07%
Published
2019-09-12
Updated
2020-08-24

CVE-2019-5947

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
Max CVSS
5.4
EPSS Score
0.07%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5940

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5939

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5938

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5937

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information.
Max CVSS
5.4
EPSS Score
0.07%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5932

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'.
Max CVSS
4.8
EPSS Score
0.07%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5929

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the application 'Memo'.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17

CVE-2019-5928

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function.
Max CVSS
6.1
EPSS Score
0.12%
Published
2019-05-17
Updated
2019-05-17
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close