What is the severity of CVE-2013-6907?

The severity of CVE-2013-6907 is classified as medium, allowing attackers to exploit a cross-site scripting vulnerability.

How do I fix CVE-2013-6907?

To fix CVE-2013-6907, you should upgrade Cybozu Garoon to version 3.7.0 or later.

What products are affected by CVE-2013-6907?

CVE-2013-6907 affects Cybozu Garoon versions 2.x and 3.x prior to 3.7.0.

What type of vulnerability is CVE-2013-6907?

CVE-2013-6907 is a cross-site scripting (XSS) vulnerability.

Can attackers exploit CVE-2013-6907 remotely?

Yes, attackers can exploit CVE-2013-6907 remotely to inject arbitrary web scripts or HTML.

Vulnerability/
CVE-2013-6907

medium

4.3

CWE

5/12/2013

6/8/2024

CVE-2013-6907: XSS

First published: Thu Dec 05 2013(Updated: )

Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Cybozu Garoon	<=3.5
Cybozu Garoon	=2.0-sp1
Cybozu Garoon	=2.0-sp2
Cybozu Garoon	=2.0-sp3
Cybozu Garoon	=2.0-sp4
Cybozu Garoon	=2.0-sp5
Cybozu Garoon	=2.0-sp6
Cybozu Garoon	=2.1
Cybozu Garoon	=2.1-sp1
Cybozu Garoon	=2.1-sp2
Cybozu Garoon	=2.1-sp3
Cybozu Garoon	=2.5
Cybozu Garoon	=2.5-sp1
Cybozu Garoon	=2.5-sp2
Cybozu Garoon	=2.5-sp3
Cybozu Garoon	=2.5-sp4
Cybozu Garoon	=3.0
Cybozu Garoon	=3.0-sp1
Cybozu Garoon	=3.0-sp2
Cybozu Garoon	=3.0-sp3
Cybozu Garoon	=3.1
Cybozu Garoon	=3.1-sp1
Cybozu Garoon	=3.1-sp2
Cybozu Garoon	=3.1-sp3
Cybozu Garoon	=3.5
Cybozu Garoon	=3.5-sp1
Cybozu Garoon	=3.5-sp2
Cybozu Garoon	=3.5-sp3
Cybozu Garoon	=3.5-sp4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-6907?
The severity of CVE-2013-6907 is classified as medium, allowing attackers to exploit a cross-site scripting vulnerability.
How do I fix CVE-2013-6907?
To fix CVE-2013-6907, you should upgrade Cybozu Garoon to version 3.7.0 or later.
What products are affected by CVE-2013-6907?
CVE-2013-6907 affects Cybozu Garoon versions 2.x and 3.x prior to 3.7.0.
What type of vulnerability is CVE-2013-6907?
CVE-2013-6907 is a cross-site scripting (XSS) vulnerability.
Can attackers exploit CVE-2013-6907 remotely?
Yes, attackers can exploit CVE-2013-6907 remotely to inject arbitrary web scripts or HTML.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/weakness
agent/first-publish-date
agent/tags
agent/event
agent/description
agent/source
vendor/cybozu
canonical/cybozu garoon
version/cybozu garoon/3.5
version/cybozu garoon/2.0-sp1
version/cybozu garoon/2.0-sp2
version/cybozu garoon/2.0-sp3
version/cybozu garoon/2.0-sp4
version/cybozu garoon/2.0-sp5
version/cybozu garoon/2.0-sp6
version/cybozu garoon/2.1
version/cybozu garoon/2.1-sp1
version/cybozu garoon/2.1-sp2
version/cybozu garoon/2.1-sp3
version/cybozu garoon/2.5
version/cybozu garoon/2.5-sp1
version/cybozu garoon/2.5-sp2
version/cybozu garoon/2.5-sp3
version/cybozu garoon/2.5-sp4
version/cybozu garoon/3.0
version/cybozu garoon/3.0-sp1
version/cybozu garoon/3.0-sp2
version/cybozu garoon/3.0-sp3
version/cybozu garoon/3.1
version/cybozu garoon/3.1-sp1
version/cybozu garoon/3.1-sp2
version/cybozu garoon/3.1-sp3
version/cybozu garoon/3.5-sp1
version/cybozu garoon/3.5-sp2
version/cybozu garoon/3.5-sp3
version/cybozu garoon/3.5-sp4