VYPR

Garoon

by Cybozu

CVEs (200)

  • CVE-2022-27661Jul 4, 2022
    risk 0.00cvss epss 0.01

    Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Workflow.

  • CVE-2022-27627Jul 4, 2022
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Organization's Information of Cybozu Garoon 4.10.2 to 5.5.1 allows a remote attacker to execute an arbitrary script on the logged-in user's web browser.

  • CVE-2022-26368Jul 4, 2022
    risk 0.00cvss epss 0.01

    Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter and/or obtain the data of Cabinet.

  • CVE-2022-26054Jul 4, 2022
    risk 0.00cvss epss 0.01

    Operation restriction bypass vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Link.

  • CVE-2022-26051Jul 4, 2022
    risk 0.00cvss epss 0.01

    Operation restriction bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to alter the data of Portal.

  • CVE-2021-20775Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.

  • CVE-2021-20774Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20773Aug 18, 2021
    risk 0.00cvss epss 0.01

    There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.

  • CVE-2021-20772Aug 18, 2021
    risk 0.00cvss epss 0.01

    Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege.

  • CVE-2021-20771Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20770Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20769Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20768Aug 18, 2021
    risk 0.00cvss epss 0.01

    Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege.

  • CVE-2021-20767Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20766Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20765Aug 18, 2021
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20764Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files.

  • CVE-2021-20763Aug 18, 2021
    risk 0.00cvss epss 0.01

    Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.

  • CVE-2021-20762Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege.

  • CVE-2021-20761Aug 18, 2021
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.

Page 5 of 10