📦 Garoon

This is a cross-site scripting (XSS) vulnerability in Cybozu Garoon that allows authenticated administrators to inject malicious scripts into web pages. When exploited, these scripts execute in the br...

An improper input verification vulnerability in Cybozu Garoon allows attackers to modify portal settings without proper authorization. This could block legitimate users from accessing the system. Affe...

This vulnerability allows authenticated remote attackers to bypass operation restrictions in Cybozu Garoon, enabling them to alter file information and delete files. It affects all users of Cybozu Gar...

This CSRF vulnerability in Cybozu Garoon allows authenticated attackers to trick administrators into performing unintended actions by exploiting their active sessions. It affects all Garoon users with...

A cross-site scripting vulnerability in the email function of Cybozu Garoon allows attackers to inject malicious scripts that can reset arbitrary users' passwords. This affects organizations using Cyb...

A cross-site scripting vulnerability in the Message function of Cybozu Garoon allows attackers to inject malicious scripts that can reset arbitrary users' passwords. This affects Cybozu Garoon version...

This vulnerability allows attackers to inject malicious scripts into PDF previews in Cybozu Garoon. When exploited, these scripts execute in the browsers of logged-in users, potentially stealing sessi...

An improper handling of extra values vulnerability in Cybozu Garoon allows authenticated administrators to cause a denial-of-service condition. This affects users with administrative privileges on vul...

This vulnerability in Cybozu Garoon allows authenticated users to access sensitive user list information that should be restricted. It affects all users who can log into vulnerable versions of the sof...

An incorrect authorization vulnerability in Cybozu Garoon allows authenticated users to delete Shared To-Do data they shouldn't have access to. This affects organizations using Garoon versions 5.0.0 t...

This vulnerability in Cybozu Garoon allows authenticated users to view sensitive Scheduler data they shouldn't have access to. It affects users who can log into Garoon versions 5.5.0 through 6.0.0. Th...