Product:

Office

(Cybozu)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 71
Date Id Summary Products Score Patch Annotated
2021-03-18 CVE-2021-20629 Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Office 6.1
2021-03-18 CVE-2021-20628 Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox. Office 6.1
2021-03-18 CVE-2021-20627 Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Office 6.1
2017-04-28 CVE-2017-2116 Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors. Office 4.3
2019-12-26 CVE-2019-6023 Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'. Office N/A
2019-12-26 CVE-2019-6022 Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. Office N/A
2017-04-28 CVE-2017-2115 Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors. Office 4.3
2017-10-12 CVE-2017-10857 Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function. Office 4.3
2019-01-09 CVE-2018-0704 Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen. Office 7.5
2019-01-09 CVE-2018-0703 Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests. Office 7.5