Vulnerabilities > Cybozu
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-12-05 | CVE-2013-6906 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6905 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in a phone component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6904 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in a note component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6903 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in a schedule component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6902 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6901 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6900 | Cross-Site Scripting vulnerability in Cybozu Garoon Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-12-05 | CVE-2013-6004 | Permissions, Privileges, and Access Controls vulnerability in Cybozu Garoon Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows remote attackers to hijack web sessions via unspecified vectors. | 6.8 |
| 2013-12-05 | CVE-2013-6003 | Improper Input Validation vulnerability in Cybozu Garoon 3.1/3.5 CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vectors. | 3.5 |
| 2013-12-05 | CVE-2013-6002 | Resource Management Errors vulnerability in Cybozu Garoon The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | 5.0 |