VYPR
Medium severity5.4NVD Advisory· Published Aug 29, 2017· Updated Jun 17, 2026

CVE-2017-2255

CVE-2017-2255

Description

Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Cybozu/Garoon16 versions
    cpe:2.3:a:cybozu:garoon:3.7.0:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:cybozu:garoon:3.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:3.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:3.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:3.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:3.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:3.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:cybozu:garoon:4.2.5:*:*:*:*:*:*:*
    • (no CPE)range: 3.7.0 to 4.2.5
  • Cybozu, Inc./Cybozu Garoonv5
    Range: 3.7.0 to 4.2.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.