Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Garoon  >> 5.0.0  Security Vulnerabilities
CVE-2026-20711
Cross-site scripting vulnerability exists in E-mail function of Cybozu Garoon 5.0.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-02-02
CVE-2026-22888
Improper input verification issue exists in Cybozu Garoon 5.0.0 to 6.0.3, which may lead to unauthorized alteration of portal settings, potentially blocking access to the product.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-02-02
CVE-2024-31397
Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS) condition.
CVSS Score
4.9
EPSS Score
0.001
Published
2024-06-11
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
CVSS Score
4.3
EPSS Score
0.005
Published
2024-06-11
CVE-2024-31399
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-11
CVE-2024-31402
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
CVSS Score
4.3
EPSS Score
0.004
Published
2024-06-11
CVE-2023-26595
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
CVSS Score
6.5
EPSS Score
0.006
Published
2023-05-23
CVE-2023-27304
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
CVE-2022-31472
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-07-11
CVE-2022-29512
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated attacker to obtain the data without the viewing privilege.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved