PT-2019-17921 · Cybozu · Cybozu Garoon

Shoji Baba

Published

2019-09-12

Updated

2019-09-13

CVE-2019-5991

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions Cybozu Garoon versions 4.0.0 through 4.10.3

Description The issue allows remote authenticated attackers to execute arbitrary SQL commands.

Recommendations For versions 4.0.0 through 4.10.3, update to a version that contains a fix for this issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2019-5991

Cybozu Garoon