Medium severity6.1NVD Advisory· Published Jul 7, 2017· Updated May 13, 2026

CVE-2017-2172

Description

Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

Cybozu/Kunai8 versions
cpe:2.3:a:cybozu:kunai:3.0.0:*:*:*:*:android:*:*+ 7 more
- cpe:2.3:a:cybozu:kunai:3.0.0:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.1:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.2:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.3:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.4:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.5.1:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.5:*:*:*:*:android:*:*
- cpe:2.3:a:cybozu:kunai:3.0.6:*:*:*:*:android:*:*
Cybozu, Inc./Cybozu KUNAI for Androidv5
Range: 3.0.0 to 3.0.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN56588965/index.htmlnvdThird Party Advisory
support.cybozu.com/ja-jp/article/9909nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000