Page 12 of 169 results (0.008 seconds)

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors. Cybozu Garoon versiones 4.0.0 hasta 4.10.2, permite a un atacante con derechos administrativos causar una condición de denegación de servicio por medio de vectores no especificados. • http://jvn.jp/en/jp/JVN62618482/index.html https://kb.cybozu.support/article/35913 • CWE-20: Improper Input Validation •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'. La vulnerabilidad del tipo Cross-Site Scripting en Cybozu Garoon 4.6.0 a 4.10.1 permite a los atacantes autenticados remotamente inyectar scripts web o HTML a través de la aplicación 'Cabinet'. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/35496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen. La vulnerabilidad de redireccionamiento abierto en Cybozu Garoon 4.2.4 a 4.10.1 permite a los atacantes remotos redirigir a los usuarios a sitios web arbitrarios y realizar ataques de phishing a través de el Login Screen. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/35492 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0

Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon. Cybozu Garoon versión 4.2.4 hasta 4.10.1, permite a los atacantes remotos obtener la información de credenciales de usuarios por medio de la autenticación de Cybozu Garoon. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/35488 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information. La vulnerabilidad del tipo Cross-Site Scripting en Cybozu Garoon 4.0.0 a 4.10.1 permite a los atacantes autenticados remotamente inyectar scripts web o HTML a través de la información del usuario. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/35493 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •