CVE-2020-5564

2020-04-2803:15:29

jpcert

www.cve.org

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

47.1%

JSON

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application ‘E-mail’.

CNA Affected

[
  {
    "product": "Cybozu Garoon",
    "vendor": "Cybozu, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "4.0.0 to 4.10.3"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN35649781/index.html

kb.cybozu.support/article/36116/