Vulnerabilities > Cybozu > Kunai > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2172 | Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2017-04-21 | CVE-2016-1187 | Information Exposure vulnerability in Cybozu Kunai Cybozu KUNAI for iPhone 2.0.3 through 3.1.5 and for Android 2.1.2 through 3.0.4 does not verify SSL certificates. | 4.3 |
| 2012-09-08 | CVE-2012-4012 | Information Exposure vulnerability in Cybozu Kunai 2.0.5 The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | 4.3 |