Vulnerabilities > Cybozu > Dezie > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-06-09 CVE-2016-7833 Improper Access Control vulnerability in Cybozu Dezie
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
network
low complexity
cybozu CWE-284
6.4
6.4
2017-06-09 CVE-2016-7832 Information Exposure vulnerability in Cybozu Dezie
Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to obtain an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors.
network
low complexity
cybozu CWE-200
5.0
5.0
2013-12-13 CVE-2013-6005 Cross-Site Scripting vulnerability in Cybozu Dezie
Cross-site scripting (XSS) vulnerability in Cybozu Dezie before 8.1.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Cancel button.
network
cybozu CWE-79
4.3
4.3
2011-06-29 CVE-2011-1334 Cross-Site Scripting vulnerability in Cybozu products
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system."
network
cybozu CWE-79
4.3
4.3