CVE-2016-4868

2017-04-1715:00:00

jpcert

www.cve.org

AI Score

4.8

Confidence

High

EPSS

0.002

Percentile

55.6%

JSON

Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests.

References

jvn.jp/en/jp/JVN08736331/index.html

jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000190.html

www.securityfocus.com/bid/97713

support.cybozu.com/ja-jp/article/9433