2 matches found
CVE-2019-5975
CVE-2019-5975 affects Cybozu Garoon 4.6.0–4.10.2 with a DOM-based cross-site scripting vulnerability in the Portal component (CWE-79). Root cause: insufficient input validation allows an authenticated user to cause arbitrary script/HTML execution in the user’s browser via unspecified vectors. Imp...
JVN#62618482: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. DOM-based cross-site scripting in the application "Portal" CWE-79 - CVE-2019-5975 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.4 CVSS v2|...