Masato Kinugawa

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions 5.0.0 through 6.0.3 **Description** A cross-site scripting issue exists in the E-mail function. This could allow an attacker to reset passwords for any user. **Recommendations** Update to a version later than 6.0.3.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 147.0.2 **Description** A mitigation bypass exists in the Privacy: Anti-Tracking component. This issue allows bypassing of implemented protections. **Recommendations** Update Firefox to version 147.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 145 Firefox ESR versions prior to 140.5 Firefox ESR versions prior to 115.30 **Description** A mitigation bypass exists in the DOM: Core & HTML component. This issue could allow for bypassing security mitigations. **Recommendations** Update Firefox to version 145 or later. Update Firefox ESR to version 140.5 or later. Update Firefox ESR to version 115.30 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 144 Firefox ESR versions prior to 140.4 Thunderbird versions prior to 144 Thunderbird versions prior to 140.4 **Description** A malicious webpage could exploit the `type` attribute of an OBJECT tag to bypass standard browser security measures when handling web resources lacking a content-type header. This could lead to a cross-site scripting (XSS) attack on websites that do not securely serve files without specifying a content-type. **Recommendations** Update Firefox to version 144 or later. Update Firefox ESR to version 140.4 or later. Update Thunderbird to version 144 or later. Update Thunderbird to version 140.4 or later.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Firefox ESR versions prior to 128.12 Description: The issue arises from incorrect URL parsing when handling an `embed` tag, potentially rewriting the URL to a specific domain, such as youtube.com, and bypassing security checks that restrict embedding from certain domains. Recommendations: For Firefox versions prior to 140, update to version 140 or later. For Firefox ESR versions prior to 128.12, update to version 128.12 or later.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 133 Firefox ESR versions prior to 128.5 Firefox ESR versions prior to 115.18 Thunderbird versions prior to 133 Thunderbird versions prior to 128.5 Thunderbird versions prior to 115.18 Description: The issue is related to Enhanced Tracking Protection's Strict mode, which may have allowed a Content Security Policy (CSP) `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This could have exposed users to malicious frames masquerading as legitimate content, potentially allowing an attacker to perform a DOM-based XSS attack by exploiting the lack of protection for the web page structure. Recommendations: For Firefox versions prior to 133, update to version 133 or later. For Firefox ESR versions prior to 128.5, update to version 128.5 or later. For Firefox ESR versions prior to 115.18, update to version 115.18 or later. For Thunderbird versions prior to 133, update to version 133 or later. For Thunderbird versions prior to 128.5, update to version 128.5 or later. For Thunderbird versions prior to 115.18, update to version 115.18 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 132 Firefox ESR versions prior to 128.4 Thunderbird versions prior to 128.4 Thunderbird versions prior to 132 **Description** The issue is related to the lack of protection for the structure of web pages, which could allow a remote attacker to gain unauthorized access to protected information. In multipart/x-mixed-replace responses, the `Content-Disposition: attachment` in the response header was not respected, potentially allowing XSS attacks. **Recommendations** For Firefox versions prior to 132, update to version 132 or later. For Firefox ESR versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 132, update to version 132 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 131 Firefox ESR versions prior to 128.3 Firefox ESR versions prior to 115.16 Thunderbird versions prior to 128.3 Thunderbird versions prior to 131 **Description** The issue is related to a CORS mechanism error in Mozilla Firefox, Firefox ESR, and the Thunderbird email client, specifically with the `resource://pdf.js` path. An attacker could exploit this by sending a specially crafted multipart response, allowing them to execute arbitrary JavaScript under the `resource://pdf.js` origin. This could enable access to cross-origin PDF content, with the level of access varying between desktop and Android versions due to the Site Isolation feature. **Recommendations** For Firefox versions prior to 131, update to version 131 or later. For Firefox ESR versions prior to 128.3, update to version 128.3 or later. For Firefox ESR versions prior to 115.16, update to version 115.16 or later. For Thunderbird versions prior to 128.3, update to version 128.3 or later. For Thunderbird versions prior to 131, update to version 131 or later. As a temporary workaround, consider restricting access to the `resource://pdf.js` path until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 131 Firefox ESR versions prior to 128.3 Firefox ESR versions prior to 115.16 Thunderbird versions prior to 128.3 Thunderbird versions prior to 131 **Description** An attacker could execute arbitrary JavaScript under the `resource://devtools` origin via a specially crafted multipart response. This could allow them to access cross-origin JSON content, with access limited to "same site" documents on desktop clients due to the Site Isolation feature, but full cross-origin access is possible on Android versions. **Recommendations** For Firefox versions prior to 131, update to version 131 or later. For Firefox ESR versions prior to 128.3, update to version 128.3 or later. For Firefox ESR versions prior to 115.16, update to version 115.16 or later. For Thunderbird versions prior to 128.3, update to version 128.3 or later. For Thunderbird versions prior to 131, update to version 131 or later. As a temporary workaround, consider disabling access to the `resource://devtools` origin until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 129 Firefox ESR versions prior to 115.14 Firefox ESR versions prior to 128.1 **Description** The issue is related to the Content Security Policy component in Firefox browsers, specifically in "strict-dynamic" mode. An attacker who can inject an HTML element could use a DOM Clobbering attack on some web-compatibility shims and achieve cross-site scripting (XSS), bypassing the CSP strict-dynamic protection. This could allow a remote attacker to perform cross-site scripting attacks. **Recommendations** For Firefox versions prior to 129, update to version 129 or later. For Firefox ESR versions prior to 115.14, update to version 115.14 or later. For Firefox ESR versions prior to 128.1, update to version 128.1 or later.

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions 6.0.0 through 6.0.1 **Description** The issue is related to a cross-site scripting vulnerability in the PDF preview feature. If exploited, this could allow an arbitrary script to be executed on a logged-in user's web browser. **Recommendations** For Cybozu Garoon versions 6.0.0 through 6.0.1, consider disabling the PDF preview feature until a patch is available to prevent potential script execution on a user's web browser.

**Name of the Vulnerable Software and Affected Versions** Docker Desktop versions prior to 4.12.0 **Description** The issue is related to incorrect code generation management, which can be exploited by a remote attacker to execute arbitrary code. This can be achieved via a crafted extension description or changelog. **Recommendations** For Docker Desktop versions prior to 4.12.0, update to version 4.12.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted extension descriptions or changelogs until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Docker Desktop versions prior to 4.12.0 **Description** The issue is related to incorrect code generation management in Docker Desktop, allowing a remote attacker to execute arbitrary code via query parameters in the message-box route. This can lead to remote code execution (RCE). **Recommendations** For Docker Desktop versions prior to 4.12.0, update to version 4.12.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the message-box route to minimize the risk of exploitation. Avoid using query parameters in the message-box route until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 106.0.5249.62 **Description** The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass content security policy via a crafted HTML page. This could potentially impact a significant number of devices worldwide, given the popularity of Google Chrome. However, specific numbers of potentially affected devices are not provided. **Recommendations** For versions prior to 106.0.5249.62, update to version 106.0.5249.62 or later to resolve the issue. As a temporary workaround, consider restricting access to DevTools until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Cybozu Office versions 10.0.0 through 10.8.5 **Description** The issue allows remote attackers to inject an arbitrary script via unspecified vectors, exploiting a cross-site scripting vulnerability in specific parameters. **Recommendations** For Cybozu Office versions 10.0.0 through 10.8.5, consider restricting access to the vulnerable parameters to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cybozu Office versions 10.0.0 through 10.8.5 **Description** The issue allows a remote attacker to inject an arbitrary script via unspecified vectors, exploiting a cross-site scripting vulnerability in specific parameters. **Recommendations** For Cybozu Office versions 10.0.0 through 10.8.5, consider restricting access to the vulnerable parameters as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cybozu Office versions 10.0.0 through 10.8.5 **Description** The issue allows a remote attacker to obtain and/or alter the data of the product via unspecified vectors. This is due to an HTTP header injection vulnerability. **Recommendations** For Cybozu Office versions 10.0.0 through 10.8.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cybozu Garoon versions 4.10.2 through 5.5.1 **Description** A cross-site scripting issue allows a remote attacker to execute an arbitrary script on the logged-in user's web browser. **Recommendations** For versions 4.10.2 through 5.5.1, update to a version that contains a fix for this issue to prevent arbitrary script execution on the user's web browser.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 101.0.4951.41 Microsoft Edge (affected versions not specified) **Description** The issue is related to insufficient data validation in Trusted Types, allowing a remote attacker to bypass trusted types policy via a crafted HTML page. This could potentially lead to the disclosure of protected information. **Recommendations** For Google Chrome versions prior to 101.0.4951.41, update to version 101.0.4951.41 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.0.0 through 5.0.2 Description: A cross-site scripting issue in the Scheduler component allows a remote authenticated attacker to inject an arbitrary script. Recommendations: For Cybozu Garoon versions 4.0.0 through 5.0.2, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.