First published: Fri May 17 2019(Updated: )
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Garoon | >=4.0.0<=4.10.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2019-5937.
The severity level of CVE-2019-5937 is medium.
The affected software is Cybozu Garoon versions 4.0.0 to 4.10.1.
Remote authenticated attackers can exploit this vulnerability to inject arbitrary web script or HTML via the user information.
Yes, a fix is available for CVE-2019-5937. Please refer to the provided references for more information.