Page 7 of 65 results (0.102 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. Cybozu Office, de la versión 10.0.0 a la 10.8.0, permite que los atacantes autenticados omitan la autenticación para obtener los horarios sin el privilegio de acceso mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10195 • CWE-269: Improper Privilege Management •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. Cybozu Office, de la versión 10.0.0 a la 10.7.0, permite que los atacantes remotos provoquen una denegación de servicio (DoS) mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10052 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Office, de la versión 10.0.0 a la 10.8.0, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10200 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Office, de la versión 10.0.0 a la 10.7.0, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10029 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors. Cybozu Office, de la versión 10.0.0 a la 10.7.0, permite que los atacantes muestren una imagen en un servidor externo mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN51737843/index.html https://support.cybozu.com/ja-jp/article/10030 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •