CVE-2024-31401

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the product.
Configurations

No configuration.

History

21 Nov 2024, 09:13

Type Values Removed Values Added
References () https://cs.cybozu.co.jp/2024/007901.html - () https://cs.cybozu.co.jp/2024/007901.html -
References () https://jvn.jp/en/jp/JVN28869536/ - () https://jvn.jp/en/jp/JVN28869536/ -

03 Jul 2024, 01:54

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.0
CWE CWE-79

11 Jun 2024, 13:54

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de Cross-Site Scripting en Cybozu Garoon 5.0.0 a 5.15.2 permite a un atacante remoto autenticado con privilegios administrativos inyectar un script arbitrario en el navegador web del usuario que inicia sesión en el producto.

11 Jun 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-11 05:15

Updated : 2024-11-21 09:13


NVD link : CVE-2024-31401

Mitre link : CVE-2024-31401

CVE.ORG link : CVE-2024-31401


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')