Lucene search
Japan Vulnerability NotesJVN:21336955HistoryDec 10, 2013 - 12:00 a.m.
JVN#21336955: Cybozu Dezie vulnerable to cross-site scripting
2013-12-1000:00:00
Japan Vulnerability Notes
jvn.jp
24
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.1%
Cybozu Dezie provided by Cybozu, Inc. contains a cross-site scripting vulnerability.
Impact
An arbitrary script may be executed on the web browser of a user that is logged on.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Cybozu Dezie 8.0.7 and earlier
- Cybozu Office plus Dezie 8.0.7 and earlier
- Cybozu Dezie 8.0.7 for ASP and earlier
According to the developer, this vulnerability does not affect the “customapp” shipped with Cybozu Office 9.0 and later, and the “customapp” provided by Cybozu Office on cybozu.com.
Related
cve
cve
CVE-2013-6005
2013-12-13 18:07:51
nvd
nvd
CVE-2013-6005
2013-12-13 18:07:51
prion
prion
Cross site scripting
2013-12-13 18:07:00
cvelist
cvelist
CVE-2013-6005
2013-12-13 15:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.1%
Related for JVN:21336955