Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-08631)

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A cross-site scripting vulnerability exists in the ''Customapp'' feature in Cybozu Office versions 9.0.0 through 10.4.0. The vulnerability can be exploited by an attacker to execute arbitrary script on the web browse...

"Customapp" function in Cybozu Office vulnerable to cross-site scripting

Overview Cybozu Office provided by Cybozu,Inc. contains a cross-site scripting vulnerability. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning Partnership. Impact ...

CVE-2016-1153

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489...

CVE-2016-1153

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489...

CVE-2015-8489

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service excessive database locking via a crafted CSV file, a different vulnerability than CVE-2016-1153...

Design/Logic Flaw

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489...

Design/Logic Flaw

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service excessive database locking via a crafted CSV file, a different vulnerability than CVE-2016-1153...

CVE-2016-1153

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489...

CVE-2016-1153

CVE-2016-1153 affects Cybozu Office 9.9.0–10.3.0; a vulnerability in the customapp allowing remote authenticated users to cause a denial of service via unspecified vectors. Impact per sources: availability disruption (MEDIUM/ HIGH depending on metric). No explicit remediation/version fix provided...

Cybozu Office vulnerable to denial-of-service (DoS)

Overview Cybozu Office contains a denial-of-service DoS vulnerability due to an issue in "customapp". Impact An authenticated attacker may cause a denial-of-service DoS condition which all users can not use the system. Solution Update the Software Update to the latest version according to the...

JVN#20246313: Cybozu Office vulnerable to denial-of-service (DoS)

Cybozu Office contains a denial-of-service DoS vulnerability due to an issue in "customapp". Impact An authenticated attacker may cause a denial-of-service DoS condition which all users can not use the system. Solution Update the Software Update to the latest version according to the information...