First published: Wed Aug 18 2021(Updated: )
Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Garoon | >=4.0.0<=5.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-20771 is a cross-site scripting vulnerability in some functions of E-Mail in Cybozu Garoon 4.0.0 to 5.5.0.
CVE-2021-20771 has a severity of 6.1, which is considered medium.
A remote attacker can exploit CVE-2021-20771 by injecting an arbitrary script through unspecified vectors.
Cybozu Garoon versions 4.0.0 to 5.5.0 are affected by CVE-2021-20771.
To fix CVE-2021-20771, it is recommended to upgrade Cybozu Garoon to a version higher than 5.5.0.