Vulnerabilities > Cybozu > Kunai > 3.0.4

DATE CVE VULNERABILITY TITLE RISK
2017-07-07 CVE-2017-2172 Cross-site Scripting vulnerability in Cybozu Kunai
Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
cybozu CWE-79
6.1
6.1
2017-04-28 CVE-2017-2109 Information Exposure vulnerability in Cybozu Kunai 3.0.4/3.0.5/3.0.5.1
Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application.
local
high complexity
cybozu CWE-200
2.5
2.5
2017-04-21 CVE-2016-1187 Information Exposure vulnerability in Cybozu Kunai
Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates.
network
high complexity
cybozu CWE-200
6.8
6.8