CVE-2019-5940
Cybozu Garoon 4.x (4.0.0–4.10.1) is affected by Cross-site scripting via the Scheduler component (CVE-2019-5940). The vulnerability enables remote attackers to inject script/HTML into a user’s browser, constituting an XSS risk. Connected sources corroborate multiple related CVEs affecting Garoon ...