|
199591
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.
|
NVD-CWE-Other
|
CVE-2021-20759
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199592
|
8.0 |
HIGH
Network
|
cybozu
|
garoon
|
Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitra…
|
CWE-352
Origin Validation Error
|
CVE-2021-20758
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199593
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.
|
NVD-CWE-Other
|
CVE-2021-20757
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199594
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.
|
NVD-CWE-Other
|
CVE-2021-20756
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199595
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege.
|
NVD-CWE-Other
|
CVE-2021-20755
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199596
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege.
|
CWE-20
Improper Input Validation
|
CVE-2021-20754
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199597
|
5.4 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20753
|
2024-11-21 14:47 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199598
|
6.1 |
MEDIUM
Network
|
groupsession
|
groupsession_zion
groupsession_bycloud
groupsession
|
Open redirect vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSe…
|
CWE-601
Open Redirect
|
CVE-2021-20789
|
2024-11-21 14:47 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199599
|
4.3 |
MEDIUM
Network
|
groupsession
|
groupsession_zion
groupsession_bycloud
groupsession
|
Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2021-20788
|
2024-11-21 14:47 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199600
|
4.8 |
MEDIUM
Network
|
groupsession
|
groupsession_zion
groupsession_bycloud
groupsession
|
Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and …
|
CWE-79
Cross-site Scripting
|
CVE-2021-20787
|
2024-11-21 14:47 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
