Garoon
Monthly
Garoon contains a vulnerability that allows attackers to unauthorized alteration of portal settings, potentially blocking access to the p (CVSS 7.5).
Cybozu Garoon 5.15.0 through 6.0.3 contains a cross-site scripting vulnerability in the Message function that allows authenticated attackers to reset arbitrary user passwords through malicious scripts. The vulnerability requires user interaction and affects the confidentiality and integrity of user accounts. No patch is currently available.
Cybozu Garoon versions 5.0.0 through 6.0.3 contain a cross-site scripting vulnerability in the email function that enables attackers to reset arbitrary user passwords by crafting malicious email content. The attack requires user interaction to trigger and can affect confidentiality and integrity across security boundaries. No patch is currently available for this vulnerability.
Garoon contains a vulnerability that allows attackers to unauthorized alteration of portal settings, potentially blocking access to the p (CVSS 7.5).
Cybozu Garoon 5.15.0 through 6.0.3 contains a cross-site scripting vulnerability in the Message function that allows authenticated attackers to reset arbitrary user passwords through malicious scripts. The vulnerability requires user interaction and affects the confidentiality and integrity of user accounts. No patch is currently available.
Cybozu Garoon versions 5.0.0 through 6.0.3 contain a cross-site scripting vulnerability in the email function that enables attackers to reset arbitrary user passwords by crafting malicious email content. The attack requires user interaction to trigger and can affect confidentiality and integrity across security boundaries. No patch is currently available for this vulnerability.