Vulnerabilities > Cybozu > Garoon > 4.2.0

DATE CVE VULNERABILITY TITLE RISK
2016-06-19 CVE-2016-1191 Path Traversal vulnerability in Cybozu Garoon
Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.
network
low complexity
cybozu CWE-22
5.3
5.3
2016-06-19 CVE-2016-1197 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.
network
low complexity
cybozu CWE-79
6.1
6.1
2016-06-19 CVE-2016-1195 Unspecified vulnerability in Cybozu Garoon
Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
network
low complexity
cybozu
7.4
7.4