CVE-2024-39817

Aug. 6, 2024, 4:30 p.m.

Product(s) Impacted

Cybozu Office

  • 10.0.0
  • 10.8.6

Description

Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App.

Weaknesses

Date

Published: Aug. 6, 2024, 5:15 a.m.

Last Modified: Aug. 6, 2024, 4:30 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

References