2 matches found
CVE-2016-1216
CVE-2016-1216 is a cross-site scripting vulnerability in the Cybozu Garoon product, specifically in the "New appointment" function. Public sources (NVD, JVN, CVE listings) confirm the issue affects Cybozu Garoon prior to 4.2.2, with user input handling in the New appointment flow enabling script ...
JVN#67595539: Cybozu Garoon multiple cross-site scripting vulnerabilities
Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains multiple cross-site scripting vulnerabilities. Cross-site scripting in the "Response request" function - CVE-2016-1214 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score:...