Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Garoon  Security Vulnerabilities
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-07-19
CVE-2024-31398
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of users.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-06-11
CVE-2024-31399
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS) condition.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-11
CVE-2024-31402
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-06-11
CVE-2024-31403
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data of Memo.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-06-11
CVE-2024-31404
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of Scheduler.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-06-11
CVE-2023-26595
Denial-of-service (DoS) vulnerability in Message of Cybozu Garoon 4.10.0 to 5.9.2 allows a remote authenticated attacker to cause a denial of service condition.
CVSS Score
6.5
EPSS Score
0.004
Published
2023-05-23
CVE-2023-27304
Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
CVE-2023-27384
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
CVE-2022-31472
Browse restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to obtain the data of Cabinet.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved