Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27814 of 28407

CVE-2016-4907

Posted by Cyberthreat Blog | Jun 9, 2017 | CVE Notifications |

Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.

CVE-2016-4910

Posted by Cyberthreat Blog | Jun 9, 2017 | CVE Notifications |

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators’ MultiReport filters via unspecified vectors.

CVE-2016-4906

Posted by Cyberthreat Blog | Jun 9, 2017 | CVE Notifications |

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via “Messages” function of Cybozu Garoon Keitai.

CVE-2016-4908

Posted by Cyberthreat Blog | Jun 9, 2017 | CVE Notifications |

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user’s private RSS settings via unspecified vectors.

CVE-2016-4909

Posted by Cyberthreat Blog | Jun 9, 2017 | CVE Notifications |

Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.

Author: Cyberthreat Blog

CVE-2016-4907

CVE-2016-4910

CVE-2016-4906

CVE-2016-4908

CVE-2016-4909