Vulnerabilities > Cybozu > Office > 6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-21 | CVE-2011-2677 | Permissions, Privileges, and Access Controls vulnerability in Cybozu Office 6 Cybozu Office before 8.0.0 allows remote authenticated users to bypass intended access restrictions and access sensitive information (time card and attendance) via unspecified vectors related to manipulation of a URL. | 5.5 |
2011-06-29 | CVE-2011-1335 | Cross-Site Scripting vulnerability in Cybozu Office 6/7/8 Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions." | 4.3 |
2011-06-29 | CVE-2011-1334 | Cross-Site Scripting vulnerability in Cybozu products Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system." | 4.3 |
2011-06-29 | CVE-2011-1333 | Cross-Site Scripting vulnerability in Cybozu Garoon and Office Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system." | 4.3 |