Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Cybozu)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 71 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-03-18 | CVE-2021-20630 | Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via unspecified vectors. | Office | 4.3 | ||
2021-03-18 | CVE-2021-20629 | Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. | Office | 6.1 | ||
2021-03-18 | CVE-2021-20628 | Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox. | Office | 6.1 | ||
2021-03-18 | CVE-2021-20627 | Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. | Office | 6.1 | ||
2017-04-28 | CVE-2017-2116 | Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors. | Office | 4.3 | ||
2019-12-26 | CVE-2019-6023 | Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. | Office | N/A | ||
2019-12-26 | CVE-2019-6022 | Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. | Office | N/A | ||
2017-04-28 | CVE-2017-2115 | Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors. | Office | 4.3 | ||
2017-10-12 | CVE-2017-10857 | Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function. | Office | 4.3 | ||
2019-01-09 | CVE-2018-0704 | Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen. | Office | 7.5 |