16 matches found
EUVD-2021-8168
Malicious code in bioql PyPI...
Freescout Permission Issues Vulnerability
FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. Freescout suffers from a privilege issue vulnerability that stems from improper checking of...
FreeScout 安全漏洞
FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. Freescout suffers from a privilege issue vulnerability that stems from improper checking of...
CVE-2021-20756
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege...
CVE-2021-20756
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege...
CVE-2021-20755
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege...
Design/Logic Flaw
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege...
CVE-2021-20756
CVE-2021-20756 affects Cybozu Garoon Address module (versions 4.0.0–5.0.2). The vulnerability is a viewing restrictions bypass that allows a remote authenticated attacker to obtain address data without the proper viewing privilege. Impact is consistent with other Cybozu Garoon disclosures in the ...
CVE-2021-20755
CVE-2021-20755 (Cybozu Garoon Portal viewing restriction bypass) is a vulnerability in Cybozu Garoon where a user who can log in can obtain portal data without the proper viewing privileges. The CVE is listed with a CVSSv3 base score of 4.3 (CVSSv2 base score 4.0). Affected products include Cyboz...
CVE-2021-20755
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege...
Multiple vulnerabilities in Cybozu Office
Overview Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1657 Operational restrictions bypass vulnerability in Scheduler CWE-264 - CVE-2021-20624 CyVDB-1727 Operational restrictions bypass vulnerability in Bulletin Board CWE-264 - CVE-2021-20625...
JVN#45797538: Multiple vulnerabilities in Cybozu Office
Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1657 Operational restrictions bypass vulnerability in Scheduler CWE-264 - CVE-2021-20624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N| Base Score: 4.3 CVSS v2|...
CVE-2015-8484
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152...
CVE-2015-8484
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152...
Confluence OnDemand dashboard - popular tab - user is shown links to pages they are restricted from viewing
Children of restricted pages do not get hidden from users who do not have permission to see the parent. Steps to reproduce: Create an unrestricted page. Create a child page, also unrestricted. Create a second user. Confirm the user can see the two new pages in their dashboard. Restrict viewing of...
Confluence adminsistrators can still view a restricted page if the type in the URL or click on a link in an email
If I set page viewing restrictions on a wki page to one group of which I am a member, other users, including confluence adminsistrators, cannot see the page when navigating within the application. If they type in the URL of the restricted page or click on a link to the restricted page, then can...