CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-5945
https://notcve.org/view.php?id=CVE-2019-5945
Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon. Cybozu Garoon versión 4.2.4 hasta 4.10.1, permite a los atacantes remotos obtener la información de credenciales de usuarios por medio de la autenticación de Cybozu Garoon. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/35488 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5928
https://notcve.org/view.php?id=CVE-2019-5928
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function. La vulnerabilidad del tipo Cross-Site Scripting en Cybozu Garoon 4.0.0 a 4.6.3 permite a los atacantes remotos inyectar secuencias de comandos web o HTML a través de la función Customize Item. • http://jvn.jp/en/jp/JVN58849431/index.html https://jvn.jp/en/jp/JVN58849431 https://kb.cybozu.support/article/34279 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5929
https://notcve.org/view.php?id=CVE-2019-5929
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the application 'Memo'. La vulnerabilidad del tipo Cross-Site Scripting en Cybozu Garoon 4.0.0 a 4.6.3 permite a los atacantes remotos inyectar scripts web o HTML a través de la aplicación 'Memo'. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/34277 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5930
https://notcve.org/view.php?id=CVE-2019-5930
Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'. Cybozu Garoon 4.0.0 a 4.6.3 permite a los atacantes remotos eludir el Access Restriction para navegar por páginas no autorizadas a través de la aplicación 'Management of Basic System'. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/34227 •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5931
https://notcve.org/view.php?id=CVE-2019-5931
Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors. Cybozu Garoon 4.0.0 a 4.6.3 permite a los atacantes autenticados alterar la información con privilegios invocando el Installer por medio de vectores no especificados. • http://jvn.jp/en/jp/JVN58849431/index.html https://kb.cybozu.support/article/34283 • CWE-20: Improper Input Validation •