First published: Wed Aug 18 2021(Updated: )
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Garoon | >=4.6.0<=5.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-20769 is medium (5.4).
The vulnerability allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
The Cross-site scripting vulnerability in Bulletin of Cybozu Garoon affects versions 4.6.0 to 5.0.2.
Yes, please refer to the vendor's advisory for information on how to fix the vulnerability.
The Common Weakness Enumeration (CWE) ID associated with CVE-2021-20769 is CWE-79.