3 matches found
CVE-2016-1217
Cross-site scripting XSS vulnerability in the "Check available times" function in Cybozu Garoon before 4.2.2...
CVE-2016-1217
CVE-2016-1217 is a cross-site scripting (XSS) vulnerability in Cybozu Garoon, exploitable via the "Check available times" function before version 4.2.2. The issue allows arbitrary script execution in the logged-in user’s browser and affects Garoon releases up to 4.2.1 (and related CVEs 1214–1216 ...
JVN#67595539: Cybozu Garoon multiple cross-site scripting vulnerabilities
Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains multiple cross-site scripting vulnerabilities. Cross-site scripting in the "Response request" function - CVE-2016-1214 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score:...