2 matches found
CVE-2018-0527
Cybozu Office is affected by CVE-2018-0527: a Cross-site scripting (CWE-79) vulnerability in Cybozu Office versions 10.0.0–10.7.0 that can allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The impact is an arbitrary script execution in the user’s browser. Reme...
JVN#51737843: Multiple vulnerabilities in Cybozu Office
Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Information disclosure in the application "Message" when viewing an external image CWE-200 - CVE-2018-0526 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N| Base Score:...