Garoon@* Security Vulnerabilities and Issues — Garoon@* CVE List

Lucene search

CybozuGaroon*

16 matches found

CVE•added 2020/04/28 4:15 a.m.•205 views

CVE-2020-5566

Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'.

4.3CVSS4.9AI score0.00264EPSS

CVE•added 2020/04/28 4:15 a.m.•79 views

CVE-2020-5567

Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.

7.5CVSS7.5AI score0.00813EPSS

CVE•added 2020/04/28 4:15 a.m.•77 views

CVE-2020-5568

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'.

6.1CVSS6.2AI score0.00402EPSS

CVE•added 2020/04/28 4:15 a.m.•71 views

CVE-2020-5563

Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in the affected product via the API.

5.3CVSS6AI score0.00636EPSS

CVE•added 2020/04/28 4:15 a.m.•71 views

CVE-2020-5564

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.

6.1CVSS6.2AI score0.00402EPSS

CVE•added 2020/04/28 4:15 a.m.•68 views

CVE-2020-5565

Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'.

4.3CVSS4.9AI score0.00238EPSS

CVE•added 2020/04/28 4:15 a.m.•66 views

CVE-2020-5562

Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote attacker with an administrative privilege to issue arbitrary HTTP requests to other web servers via V-CUBE Meeting function.

4.9CVSS5.3AI score0.00239EPSS

CVE•added 2020/11/06 3:15 a.m.•47 views

CVE-2020-5643

Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector.

6.5CVSS6.1AI score0.0014EPSS

CVE•added 2020/06/30 11:15 a.m.•38 views

CVE-2020-5583

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors.

6.5CVSS6.3AI score0.00226EPSS

CVE•added 2020/06/30 11:15 a.m.•37 views

CVE-2020-5582

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.

4.3CVSS5.1AI score0.00188EPSS

CVE•added 2020/06/30 11:15 a.m.•37 views

CVE-2020-5586

Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

4.8CVSS5.6AI score0.00352EPSS

CVE•added 2020/06/30 11:15 a.m.•35 views

CVE-2020-5580

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.

8.1CVSS7.4AI score0.00215EPSS

CVE•added 2020/06/30 11:15 a.m.•35 views

CVE-2020-5584

Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.

7.5CVSS7.4AI score0.004EPSS

CVE•added 2020/06/30 11:15 a.m.•35 views

CVE-2020-5587

Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5CVSS6.3AI score0.00249EPSS

CVE•added 2020/06/30 11:15 a.m.•32 views

CVE-2020-5581

Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5CVSS6.2AI score0.00276EPSS

CVE•added 2020/06/30 11:15 a.m.•32 views

CVE-2020-5585

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

4.8CVSS5.6AI score0.00403EPSS