Author: Cyberthreat Blog

sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to inject arbitrary email headers.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to obtain session information from users.

Cross-site scripting (XSS) vulnerability in “Schedule” function in Cybozu Office 9.0.0 through 10.4.0.