CVE-2014-1994

CVE-2014-1994

EPSS 0.9%

Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://cs.cybozu.co.jp/information/gr20140714up04.php http://jvndb.jvn.jp/jvndb/JVNDB-2014-000076 http://jvn.jp/en/jp/JVN80583739/index.html