2 matches found
CVE-2020-5564
CVE-2020-5564 affects Cybozu Garoon (v4.0.0–4.10.3). It is a cross-site scripting vulnerability in the E-mail component that allows a remote attacker to inject arbitrary web script or HTML via the E-mail application. The issue is caused by improper handling of input in the E-mail feature, enablin...
JVN#35649781: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Authentication bypass in the API used to specify the fields CWE-287 - CVE-2020-5563 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2|...