Vulnerabilities > Cybozu
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-30 | CVE-2020-5586 | Cross-site Scripting vulnerability in Cybozu Garoon 4.10.3/5.0.0/5.0.1 Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2020-06-30 | CVE-2020-5585 | Cross-site Scripting vulnerability in Cybozu Garoon 5.0.0/5.0.1 Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. | 3.5 |
| 2020-06-30 | CVE-2020-5584 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. | 5.0 |
| 2020-06-30 | CVE-2020-5583 | Information Exposure vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5582 | Incorrect Authorization vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5581 | Path Traversal vulnerability in Cybozu Garoon Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. | 4.0 |
| 2020-06-30 | CVE-2020-5580 | Improper Privilege Management vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors. | 5.5 |
| 2020-05-29 | CVE-2020-5573 | Information Exposure vulnerability in Cybozu Kintone Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 2.1 |
| 2020-05-29 | CVE-2020-5572 | Information Exposure vulnerability in Cybozu Mailwise 1.0.1 Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. | 2.1 |
| 2020-05-25 | CVE-2020-5537 | Improper Input Validation vulnerability in Cybozu Desktop Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. | 7.5 |