First published: Thu Aug 18 2022(Updated: )
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Office | >=10.0.0<=10.8.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-30604 is a cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5.
A remote attacker can exploit CVE-2022-30604 by injecting an arbitrary script via unspecified vectors.
CVE-2022-30604 has a severity rating of medium.
To fix CVE-2022-30604, users should update Cybozu Office to version 10.8.6 or later.
CWE-79 refers to cross-site scripting (XSS) vulnerabilities.