CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-1197

Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN37121456/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000083
https://support.cybozu.com/ja-jp/article/9303
http://jvn.jp/en/jp/JVN37121456/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000083
https://support.cybozu.com/ja-jp/article/9303

Products affected by CVE-2016-1197

Cybozu » Garoon » Version: 4.0.0

cpe:2.3:a:cybozu:garoon:4.0.0
Cybozu » Garoon » Version: 4.0.1

cpe:2.3:a:cybozu:garoon:4.0.1
Cybozu » Garoon » Version: 4.0.2

cpe:2.3:a:cybozu:garoon:4.0.2
Cybozu » Garoon » Version: 4.0.3

cpe:2.3:a:cybozu:garoon:4.0.3
Cybozu » Garoon » Version: 4.2.0

cpe:2.3:a:cybozu:garoon:4.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1197

Products

Pricing

Contact Us