Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Garoon
(Cybozu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 190 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-12-05 | CVE-2013-6909 | Cross-site scripting (XSS) vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6908 | Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6907 | Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6906 | Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6902 | Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6901 | Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6900 | Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | N/A | ||
| 2013-12-28 | CVE-2013-6006 | Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to bypass Keitai authentication via a modified user ID in a request. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6004 | Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows remote attackers to hijack web sessions via unspecified vectors. | Garoon | N/A | ||
| 2013-12-05 | CVE-2013-6003 | CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vectors. | Garoon | N/A |