Vulnerabilities > Cybozu > Garoon > 4.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-18 | CVE-2021-20773 | Unspecified vulnerability in Cybozu Garoon There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege. | 4.0 |
| 2021-08-18 | CVE-2021-20774 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2020-06-30 | CVE-2020-5587 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5584 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. | 5.0 |
| 2020-06-30 | CVE-2020-5583 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5582 | Incorrect Authorization vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5581 | Path Traversal vulnerability in Cybozu Garoon Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5580 | Improper Privilege Management vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors. | 5.5 |
| 2020-04-28 | CVE-2020-5567 | Improper Authentication vulnerability in Cybozu Garoon Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. | 5.0 |
| 2020-04-28 | CVE-2020-5566 | Missing Authorization vulnerability in Cybozu Garoon Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'. | 4.0 |