3 matches found
CVE-2020-5568
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'...
CVE-2020-5568
CVE-2020-5568 is a cross-site scripting vulnerability in Cybozu Garoon, affecting versions 4.6.0 through 5.0.0. The flaw allows remote attackers to inject arbitrary web script or HTML via the Messages and Bulletin Board applications. The underlying issue is an XSS weakness in these components, en...
JVN#35649781: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Authentication bypass in the API used to specify the fields CWE-287 - CVE-2020-5563 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2|...