Vulnerabilities > Cybozu > Remote Service Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-13 | CVE-2021-20805 | Cross-site Scripting vulnerability in Cybozu Remote Service Manager 3.1.7/3.1.8/3.1.9 Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors. | 5.4 |
| 2021-10-13 | CVE-2021-20806 | Open Redirect vulnerability in Cybozu Remote Service Manager Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |
| 2021-10-13 | CVE-2021-20807 | Cross-site Scripting vulnerability in Cybozu Remote Service Manager Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 6.1 |
| 2019-01-09 | CVE-2018-16172 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cybozu Remote Service Manager Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. | 6.5 |
| 2017-04-28 | CVE-2016-7815 | Improper Certificate Validation vulnerability in Cybozu Remote Service Manager Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network. | 4.2 |