CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
52.8%
Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a cross-site request forgery vulnerability.
If an administrative user views a malicious page while logged into Aipo, data stored within Aipo may be altered.
Update the Software
Update to the latest version according to the information provided by the developer.
This issue has been resolved in Aipo Version 4.0.4.0.