CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20766
https://notcve.org/view.php?id=CVE-2021-20766
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting en Message de Cybozu Garoon versiones 4.0.0 hasta 5.0.2, permite a un atacante remoto inyectar un script arbitrario por medio de vectores no especificados. • https://cs.cybozu.co.jp/2021/007206.html https://jvn.jp/en/jp/JVN54794245/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20765
https://notcve.org/view.php?id=CVE-2021-20765
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. Una vulnerabilidad de tipo cross-site scripting en Bulletin of Cybozu Garoon versiones 4.0.0 hasta 5.0.2, permite a un atacante remoto inyectar un script arbitrario por medio de vectores no especificados. • https://cs.cybozu.co.jp/2021/007206.html https://jvn.jp/en/jp/JVN54794245/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20764
https://notcve.org/view.php?id=CVE-2021-20764
Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files. Una vulnerabilidad de comprobación de entrada inapropiada en Attaching Files de Cybozu Garoon versiones 4.0.0 hasta 5.0.2, permite a un atacante remoto alterar los datos de Attaching Files. • https://cs.cybozu.co.jp/2021/007206.html https://jvn.jp/en/jp/JVN54794245/index.html • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20763
https://notcve.org/view.php?id=CVE-2021-20763
Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege. Una vulnerabilidad de omisión de restricciones operativas en Portal de Cybozu Garoon versiones 4.0.0 hasta 5.0.2, permite a un atacante autenticado remoto obtener los datos de Portal sin el privilegio apropiado. • https://cs.cybozu.co.jp/2021/007206.html https://jvn.jp/en/jp/JVN54794245/index.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20762
https://notcve.org/view.php?id=CVE-2021-20762
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege. Una vulnerabilidad de comprobación de entrada inapropiada en E-mail de Cybozu Garoon versiones 4.0.0 hasta 5.0.2, permite a un usuario atacante autenticado alterar los datos de E-mail sin el privilegio apropiado. • https://cs.cybozu.co.jp/2021/007206.html https://jvn.jp/en/jp/JVN54794245/index.html • CWE-20: Improper Input Validation •