Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-31401

June 11, 2024, 1:54 p.m.

Product(s) Impacted

Cybozu Garoon

  • 5.0.0
  • 5.15.2

Description

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the product.

Weaknesses

Date

Published: June 11, 2024, 5:15 a.m.

Last Modified: June 11, 2024, 1:54 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References

https://cs.cybozu.co.jp/ vultures@jpcert.or.jp

https://jvn.jp/ vultures@jpcert.or.jp