CVE-2018-0557

Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors...

CVE-2018-0559

Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors...

CVE-2018-0558

Cybozu Mailwise 5.0.0–5.4.1 contains a reflected cross-site scripting (CWE-79) vulnerability in System settings, enabling injection of arbitrary script or HTML and potential session-local impact. The issue is confirmed across multiple sources (CVE-2018-0558 and related records). Attack vectors ar...

Multiple cross-site scripting vulnerabilities in Cybozu Mailwise

Overview Cybozu Mailwise contains multiple cross-site scripting vulnerabilities below. Stored cross-site scripting vulnerability in "E-mail Details Screen" CWE-79 - CVE-2018-0557 Reflected cross-site scripting vulnerability in "System settings" CWE-79 - CVE-2018-0558 Reflected cross-site scriptin...

Cybozu Mailwise Cross-Site Scripting Vulnerability (CNVD-2018-15282)

Cybozu Mailwise is a Web-based e-mail system from Cybozu, and System settings is one of the system settings components. A cross-site scripting vulnerability exists in System settings in Cybozu Mailwise versions 5.0.0 through 5.4.1. A remote attacker can use this vulnerability to inject arbitrary...

JVN#52319657: Multiple cross-site scripting vulnerabilities in Cybozu Mailwise

Cybozu Mailwise contains multiple cross-site scripting vulnerabilities below. Stored cross-site scripting vulnerability in "E-mail Details Screen" CWE-79 - CVE-2018-0557 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

Cybozu Mailwise Cross-Site Scripting Vulnerability

Cybozu Mailwise is a Web-based e-mail system from Cybozu, and E-mail Details Screen is one of the components for viewing e-mail details. A cross-site scripting vulnerability exists in E-mail Details Screen in Cybozu Mailwise versions 5.0.0 through 5.4.1. A remote attacker can use this vulnerabili...

Cybozu Mailwise < 5.4.0 Multiple Vulnerabilities

Cybozu Mailwise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cybozu:mailwise";...

Design/Logic Flaw

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers...

CVE-2016-4841

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers...

CVE-2016-4841

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers...

CVE-2016-4841

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers...

CVE-2016-4841

Cybozu Mailwise is affected by CVE-2016-4841: versions 5.0.0 through 5.3.2 are vulnerable to email header injection when sending messages. The root cause is improper handling of email headers, allowing a remote attacker to inject arbitrary headers via crafted requests. Public references indicate ...

CVE-2016-4842

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read...

Information disclosure

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read...

CVE-2016-4842

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read...

Information disclosure

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information...

CVE-2016-4843

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information...

Code injection

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks...

CVE-2016-4843

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information...