CVE-2021-20758

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon versions 4.0.0 through 5.0.2

Description: A cross-site request forgery (CSRF) issue allows a remote authenticated attacker to hijack the authentication of administrators and perform arbitrary operations via unspecified vectors.

Recommendations: For versions 4.0.0 through 5.0.2, consider implementing additional security measures to prevent CSRF attacks, such as validating request tokens or restricting access to sensitive operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.