Cybozu : Security vulnerabilities, CVEs published in 2009

Copy

CVE-2008-6744

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Max CVSS

6.8

EPSS Score

0.33%

Published

2009-04-23

Updated

2017-08-17

CVE-2008-6570

Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.

Max CVSS

4.3

EPSS Score

0.29%

Published

2009-03-31

Updated

2017-08-17

CVE-2008-6569

Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.

Max CVSS

6.8

EPSS Score

1.55%

Published

2009-03-31

Updated

2017-08-17

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!