What is the severity of CVE-2013-6903?

CVE-2013-6903 is categorized as a medium severity vulnerability due to its ability to allow cross-site scripting attacks.

How do I fix CVE-2013-6903?

To fix CVE-2013-6903, upgrade to Cybozu Garoon version 3.7.0 or later.

What types of attacks can be executed through CVE-2013-6903?

CVE-2013-6903 allows attackers to inject arbitrary web scripts or HTML into the application.

Which versions of Cybozu Garoon are affected by CVE-2013-6903?

CVE-2013-6903 affects Cybozu Garoon versions prior to 3.7.0.

Are Internet Explorer and Firefox vulnerable to CVE-2013-6903?

Yes, the vulnerability can be exploited when using Internet Explorer or Firefox.

Vulnerability/
CVE-2013-6903

medium

4.3

CWE

5/12/2013

6/8/2024

CVE-2013-6903: XSS

First published: Thu Dec 05 2013(Updated: )

Cross-site scripting (XSS) vulnerability in a schedule component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Cybozu Garoon	<=3.5
Cybozu Garoon	=2.0-sp1
Cybozu Garoon	=2.0-sp2
Cybozu Garoon	=2.0-sp3
Cybozu Garoon	=2.0-sp4
Cybozu Garoon	=2.0-sp5
Cybozu Garoon	=2.0-sp6
Cybozu Garoon	=2.1
Cybozu Garoon	=2.1-sp1
Cybozu Garoon	=2.1-sp2
Cybozu Garoon	=2.1-sp3
Cybozu Garoon	=2.5
Cybozu Garoon	=2.5-sp1
Cybozu Garoon	=2.5-sp2
Cybozu Garoon	=2.5-sp3
Cybozu Garoon	=2.5-sp4
Cybozu Garoon	=3.0
Cybozu Garoon	=3.0-sp1
Cybozu Garoon	=3.0-sp2
Cybozu Garoon	=3.0-sp3
Cybozu Garoon	=3.1
Cybozu Garoon	=3.1-sp1
Cybozu Garoon	=3.1-sp2
Cybozu Garoon	=3.1-sp3
Cybozu Garoon	=3.5
Cybozu Garoon	=3.5-sp1
Cybozu Garoon	=3.5-sp2
Cybozu Garoon	=3.5-sp3
Cybozu Garoon	=3.5-sp4
Firefox
Internet Explorer

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-6903?
CVE-2013-6903 is categorized as a medium severity vulnerability due to its ability to allow cross-site scripting attacks.
How do I fix CVE-2013-6903?
To fix CVE-2013-6903, upgrade to Cybozu Garoon version 3.7.0 or later.
What types of attacks can be executed through CVE-2013-6903?
CVE-2013-6903 allows attackers to inject arbitrary web scripts or HTML into the application.
Which versions of Cybozu Garoon are affected by CVE-2013-6903?
CVE-2013-6903 affects Cybozu Garoon versions prior to 3.7.0.
Are Internet Explorer and Firefox vulnerable to CVE-2013-6903?
Yes, the vulnerability can be exploited when using Internet Explorer or Firefox.

agent/type
agent/references
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/source
agent/first-publish-date
agent/event
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cybozu
canonical/cybozu garoon
version/cybozu garoon/3.5
version/cybozu garoon/2.0-sp1
version/cybozu garoon/2.0-sp2
version/cybozu garoon/2.0-sp3
version/cybozu garoon/2.0-sp4
version/cybozu garoon/2.0-sp5
version/cybozu garoon/2.0-sp6
version/cybozu garoon/2.1
version/cybozu garoon/2.1-sp1
version/cybozu garoon/2.1-sp2
version/cybozu garoon/2.1-sp3
version/cybozu garoon/2.5
version/cybozu garoon/2.5-sp1
version/cybozu garoon/2.5-sp2
version/cybozu garoon/2.5-sp3
version/cybozu garoon/2.5-sp4
version/cybozu garoon/3.0
version/cybozu garoon/3.0-sp1
version/cybozu garoon/3.0-sp2
version/cybozu garoon/3.0-sp3
version/cybozu garoon/3.1
version/cybozu garoon/3.1-sp1
version/cybozu garoon/3.1-sp2
version/cybozu garoon/3.1-sp3
version/cybozu garoon/3.5-sp1
version/cybozu garoon/3.5-sp2
version/cybozu garoon/3.5-sp3
version/cybozu garoon/3.5-sp4
vendor/mozilla
canonical/firefox
vendor/microsoft
canonical/internet explorer