PT-2011-3065 · Cybozu · Cybozu Collaborex+4
Publicado
2011-06-29
·
Atualizado
2011-06-30
·
CVE-2011-1334
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cybozu Office 6
Cybozu Garoon versions 2.0.0 through 2.1.3
Cybozu Dezie versions prior to 6.1
Cybozu MailWise versions prior to 3.1
Cybozu Collaborex versions prior to 1.5
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors related to downloading graphic files from the mail system.
Recommendations
For Cybozu Office 6, update to a version that addresses this issue.
For Cybozu Garoon versions 2.0.0 through 2.1.3, update to a version later than 2.1.3.
For Cybozu Dezie versions prior to 6.1, update to version 6.1 or later.
For Cybozu MailWise versions prior to 3.1, update to version 3.1 or later.
For Cybozu Collaborex versions prior to 1.5, update to version 1.5 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cybozu Collaborex
Cybozu Dezie
Cybozu Garoon
Cybozu Mailwise
Cybozu Office