Vulnerabilities > Cybozu > Garoon > 4.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-19 | CVE-2016-1197 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775. | 4.3 |
2016-06-19 | CVE-2016-1195 | Open Redirection vulnerability in Cybozu Garoon Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. network cybozu | 5.8 |
2015-10-12 | CVE-2015-5647 | Code Injection vulnerability in Cybozu Garoon The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-866. | 8.5 |
2015-10-12 | CVE-2015-5646 | Code Injection vulnerability in Cybozu Garoon Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors, aka CyVDB-863 and CyVDB-867. | 8.5 |