CVE-2016-1149

Cybozu Office is affected: versions 9.0.0–10.3.0 contain a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Impact includes potential partial integrity compromise; exploitation details are not provided in the doc...