Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-39457

Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser.

  • Published: Jul 19, 2024
  • Updated: Aug 23, 2024
  • CVE: CVE-2024-39457
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.4
  • AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
cybozu / garoon 6.0.0 6.0.2