JVNDB-2013-000113

Multiple cross-site scripting vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains multiple cross-site scripting vulnerabilities.

Cybozu, Inc.

• Cybozu Garoon 3.7 Service Pack 1 and earlier

An arbitrary script may be executed on the user's web browser.

[Update the Software]
Update to the latest version according to the information provided by the developer.

Cybozu, Inc.

• Cybozu : Cybozu, Inc. website (in Japanese)

1. Cross-site Scripting(CWE-79) [IPA Evaluation]

1. CVE-2013-6900
2. CVE-2013-6901
3. CVE-2013-6902
4. CVE-2013-6903
5. CVE-2013-6904
6. CVE-2013-6905
7. CVE-2013-6906
8. CVE-2013-6907
9. CVE-2013-6908
10. CVE-2013-6909
11. CVE-2013-6910
12. CVE-2013-6911
13. CVE-2013-6912
14. CVE-2013-6913
15. CVE-2013-6914
16. CVE-2013-6915
17. CVE-2013-6916

1. JVN : JVN#23981867
2. National Vulnerability Database (NVD) : CVE-2013-6900
3. National Vulnerability Database (NVD) : CVE-2013-6901
4. National Vulnerability Database (NVD) : CVE-2013-6902
5. National Vulnerability Database (NVD) : CVE-2013-6903
6. National Vulnerability Database (NVD) : CVE-2013-6904
7. National Vulnerability Database (NVD) : CVE-2013-6905
8. National Vulnerability Database (NVD) : CVE-2013-6906
9. National Vulnerability Database (NVD) : CVE-2013-6907
10. National Vulnerability Database (NVD) : CVE-2013-6908
11. National Vulnerability Database (NVD) : CVE-2013-6909
12. National Vulnerability Database (NVD) : CVE-2013-6910
13. National Vulnerability Database (NVD) : CVE-2013-6911
14. National Vulnerability Database (NVD) : CVE-2013-6912
15. National Vulnerability Database (NVD) : CVE-2013-6913
16. National Vulnerability Database (NVD) : CVE-2013-6914
17. National Vulnerability Database (NVD) : CVE-2013-6915
18. National Vulnerability Database (NVD) : CVE-2013-6916

• [2013/12/03]
    Web page was published
  [2013/12/06]
    References : Contents were added