CVE-2017-2114

CVE-2017-2114 affects Cybozu Office 10.0.0–10.5.0. The vulnerability is a cross-site scripting flaw in the design setting screen (CWE-79) that allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Impact: arbitrary scripts may execute in the logged-...

JVN#17535578: Multiple vulnerabilities in Cybozu Office

Cybozu Office contains multiple vulnerabilities listed below. Cross-site scripting in the design setting screen CWE-79 - CVE-2017-2114 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:L/Au:S/C:N/I:P/A:N| Base Score: 4.0...