HomePentest-Tools.com Logo

Cybozu Garoon Multiple XSS Vulnerabilities CVE-2017-2256CVE-2017-2257

Severity
CVSSv3 Score
6.1
Vulnerability description

Cybozu Garoon is prone to multiple cross site scripting vulnerabilities.

Risk description

Multiple flaws are due to: - An input validation error in mail function. - An input validation error in Rich text function. Successful exploitation will allow remote attackers to execute arbitrary script in the logged-in users web browser.

Recommendation

Update to the Cybozu Garoon version 4.2.6 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 29, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available