CVEDB API

Vulnerability Details CVE-2011-1335

Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://cs.cybozu.co.jp/information/20100816notice05.php
http://jvn.jp/en/jp/JVN55508059/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000047
http://secunia.com/advisories/44992
http://secunia.com/advisories/45050
http://www.osvdb.org/73320
http://www.securityfocus.com/bid/48446
http://cs.cybozu.co.jp/information/20100816notice05.php
http://jvn.jp/en/jp/JVN55508059/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000047
http://secunia.com/advisories/44992
http://secunia.com/advisories/45050
http://www.osvdb.org/73320
http://www.securityfocus.com/bid/48446

Products affected by CVE-2011-1335

Cybozu » Office » Version: 6

cpe:2.3:a:cybozu:office:6
Cybozu » Office » Version: 7

cpe:2.3:a:cybozu:office:7
Cybozu » Office » Version: 8

cpe:2.3:a:cybozu:office:8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-1335

Products

Pricing

Contact Us