Vulnerabilities > Cybozu > Garoon > 2.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-06-29 | CVE-2011-1333 | Cross-Site Scripting vulnerability in Cybozu Garoon and Office Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system." | 4.3 |
2011-06-29 | CVE-2011-1332 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-6570. | 4.3 |
2009-03-31 | CVE-2008-6570 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed. | 4.3 |
2009-03-31 | CVE-2008-6569 | Improper Authentication vulnerability in Cybozu Garoon Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page. | 6.8 |