Vulnerabilities > Cybozu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-13 | CVE-2021-20805 | Cross-site Scripting vulnerability in Cybozu Remote Service Manager 3.1.7/3.1.8/3.1.9 Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
2021-10-13 | CVE-2021-20806 | Open Redirect vulnerability in Cybozu Remote Service Manager Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |
2021-10-13 | CVE-2021-20807 | Cross-site Scripting vulnerability in Cybozu Remote Service Manager Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 4.3 |
2021-08-18 | CVE-2021-20753 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 3.5 |
2021-08-18 | CVE-2021-20754 | Improper Input Validation vulnerability in Cybozu Garoon Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege. | 4.0 |
2021-08-18 | CVE-2021-20755 | Unspecified vulnerability in Cybozu Garoon Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege. | 4.0 |
2021-08-18 | CVE-2021-20756 | Unspecified vulnerability in Cybozu Garoon Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege. | 4.0 |
2021-08-18 | CVE-2021-20757 | Improper Authentication vulnerability in Cybozu Garoon Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | 4.0 |
2021-08-18 | CVE-2021-20758 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors. | 6.0 |
2021-08-18 | CVE-2021-20759 | Improper Authentication vulnerability in Cybozu Garoon Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege. | 4.0 |