Vulnerabilities > Cybozu > Garoon > 2.1.1

DATE CVE VULNERABILITY TITLE RISK
2011-06-29 CVE-2011-1333 Cross-Site Scripting vulnerability in Cybozu Garoon and Office
Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."
network
cybozu CWE-79
4.3
4.3
2011-06-29 CVE-2011-1332 Cross-Site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-6570.
network
cybozu CWE-79
4.3
4.3
2009-03-31 CVE-2008-6570 Cross-Site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.
network
cybozu CWE-79
4.3
4.3
2009-03-31 CVE-2008-6569 Improper Authentication vulnerability in Cybozu Garoon
Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page.
network
cybozu CWE-287
6.8
6.8