製品・ソフトウェアに関する情報

JVN脆弱性詳細

サイボウズガルーンにおける複数のクロスサイトスクリプティングの脆弱性

Title	サイボウズガルーンにおける複数のクロスサイトスクリプティングの脆弱性
Summary	サイボウズ株式会社が提供するサイボウズガルーンは、グループウェアです。サイボウズガルーンには、複数のクロスサイトスクリプティングの脆弱性が存在します。
Possible impacts	ユーザのウェブブラウザ上で任意のスクリプトを実行される可能性があります。
Solution	[アップデートする] 開発者が提供する情報をもとに、最新版へアップデートしてください。
Publication Date	Dec. 3, 2013, midnight
Registration Date	Dec. 3, 2013, 12:01 p.m.
Last Update	Dec. 6, 2013, 10:41 a.m.

CVSS2.0 : 警告
Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:P/A:N

Affected System

サイボウズ

サイボウズガルーン 3.7 Service Pack 1 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-6900	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6900
2	CVE-2013-6901	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6901
3	CVE-2013-6902	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6902
4	CVE-2013-6903	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6903
5	CVE-2013-6904	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6904
6	CVE-2013-6905	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6905
7	CVE-2013-6906	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6906
8	CVE-2013-6907	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6907
9	CVE-2013-6908	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6908
10	CVE-2013-6909	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6909
11	CVE-2013-6910	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6910
12	CVE-2013-6911	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6911
13	CVE-2013-6912	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6912
14	CVE-2013-6913	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6913
15	CVE-2013-6914	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6914
16	CVE-2013-6915	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6915
17	CVE-2013-6916	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6916
National Vulnerability Database (NVD)
18	CVE-2013-6900	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6900
19	CVE-2013-6901	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6901
20	CVE-2013-6902	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6902
21	CVE-2013-6903	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6903
22	CVE-2013-6904	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6904
23	CVE-2013-6905	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6905
24	CVE-2013-6906	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6906
25	CVE-2013-6907	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6907
26	CVE-2013-6908	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6908
27	CVE-2013-6909	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6909
28	CVE-2013-6910	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6910
29	CVE-2013-6911	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6911
30	CVE-2013-6912	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6912
31	CVE-2013-6913	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6913
32	CVE-2013-6914	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6914
33	CVE-2013-6915	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6915
34	CVE-2013-6916	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6916

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-79	https://jvndb.jvn.jp/ja/cwe/CWE-79.html

ベンダー情報

No	Name	URL
サイボウズ
1	サイボウズ株式会社の告知ページ	http://cs.cybozu.co.jp/information/20131202up01.php

その他

No	Name	URL
JVN
1	JVN#23981867	http://jvn.jp/jp/JVN23981867/index.html

Change Log

No	Changed Details	Date of change
0	[2013年12月03日] 掲載 [2013年12月06日] 参考情報：National Vulnerability Database (NVD) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-6900

Summary	Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/6153	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/6153	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6901

Summary	Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100555
8	http://osvdb.org/100555
9	https://support.cybozu.com/ja-jp/article/6193	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6193	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6902

Summary	Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/5838	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/5838	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6903

Summary	Cross-site scripting (XSS) vulnerability in a schedule component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100571
8	http://osvdb.org/100571
9	https://support.cybozu.com/ja-jp/article/6165	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6165	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6904

Summary	Cross-site scripting (XSS) vulnerability in a note component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100572
8	http://osvdb.org/100572
9	https://support.cybozu.com/ja-jp/article/6395	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6395	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6905

Summary	Cross-site scripting (XSS) vulnerability in a phone component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100573
8	http://osvdb.org/100573
9	https://support.cybozu.com/ja-jp/article/6195	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6195	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6906

Summary	Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
2	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
3	cpe:2.3:a:microsoft:internet_explorer:8:::::::*

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100574
8	http://osvdb.org/100574
9	https://support.cybozu.com/ja-jp/article/6174	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6174	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6907

Summary	Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/6166	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/6166	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6908

Summary	Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/5870	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/5870	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6909

Summary	Cross-site scripting (XSS) vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/6384	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/6384	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6910

Summary	Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/6434	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/6434	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6911

Summary	Cross-site scripting (XSS) vulnerability in the bulletin-board component in Cybozu Garoon before 3.7.2, when Internet Explorer or Firefox is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100561
8	http://osvdb.org/100561
9	https://support.cybozu.com/ja-jp/article/7158	Patch
10	https://support.cybozu.com/ja-jp/article/7158	Patch

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6912

Summary	Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2, when Internet Explorer 6 through 9 is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
2	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
3	cpe:2.3:a:microsoft:internet_explorer:8:::::::*
4	cpe:2.3:a:microsoft:internet_explorer:9:::::::*

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100560
8	http://osvdb.org/100560
9	https://support.cybozu.com/ja-jp/article/6927	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6927	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6913

Summary	Cross-site scripting (XSS) vulnerability in a search component in Cybozu Garoon before 3.7.2, when Internet Explorer is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100559
8	http://osvdb.org/100559
9	https://support.cybozu.com/ja-jp/article/6928	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/6928	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6914

Summary	Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon::sp1::::::*		3.7
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/7037	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/7037	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6915

Summary	Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon::sp1::::::*		3.7
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	https://support.cybozu.com/ja-jp/article/6896	Vendor Advisory
8	https://support.cybozu.com/ja-jp/article/6896	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

CVE-2013-6916

Summary	Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface Library in Cybozu Garoon before 3.7.2, when Internet Explorer 9 or 10 or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Publication Date	Dec. 5, 2013, 9:55 p.m.
Registration Date	Jan. 26, 2021, 3:48 p.m.
Last Update	Nov. 21, 2024, 10:59 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:microsoft:internet_explorer:9:::::::*
2	cpe:2.3:a:microsoft:internet_explorer:10:::::::*

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp1::::::*			3.7
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp5::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.7:::::::*
execution environment
1	cpe:2.3:a:google:chrome:-:::::::*

Related information, measures and tools

No	URL	タグ
1	http://cs.cybozu.co.jp/information/20131202up01.php
2	http://cs.cybozu.co.jp/information/20131202up01.php
3	http://jvn.jp/en/jp/JVN23981867/index.html
4	http://jvn.jp/en/jp/JVN23981867/index.html
5	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
6	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
7	http://osvdb.org/100554
8	http://osvdb.org/100554
9	https://support.cybozu.com/ja-jp/article/7157	Vendor Advisory
10	https://support.cybozu.com/ja-jp/article/7157	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon::sp5::::::*		3.5
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:mozilla:firefox::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:cybozu:garoon::sp5::::::*			3.5
cpe:2.3:a:cybozu:garoon:2.0:sp2::::::
cpe:2.3:a:cybozu:garoon:2.0:sp4::::::
cpe:2.3:a:cybozu:garoon:2.0:sp3::::::
cpe:2.3:a:cybozu:garoon:2.0:sp5::::::
cpe:2.3:a:cybozu:garoon:2.0:sp1::::::
cpe:2.3:a:cybozu:garoon:2.0:sp6::::::
cpe:2.3:a:cybozu:garoon:2.1:sp3::::::
cpe:2.3:a:cybozu:garoon:2.1:sp2::::::
cpe:2.3:a:cybozu:garoon:2.1:sp1::::::
cpe:2.3:a:cybozu:garoon:2.1:::::::*
cpe:2.3:a:cybozu:garoon:2.5:sp2::::::
cpe:2.3:a:cybozu:garoon:2.5:sp1::::::
cpe:2.3:a:cybozu:garoon:2.5:sp4::::::
cpe:2.3:a:cybozu:garoon:2.5:sp3::::::
cpe:2.3:a:cybozu:garoon:2.5:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp1::::::
cpe:2.3:a:cybozu:garoon:3.0:::::::*
cpe:2.3:a:cybozu:garoon:3.0:sp3::::::
cpe:2.3:a:cybozu:garoon:3.0:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:sp1::::::
cpe:2.3:a:cybozu:garoon:3.1:sp3::::::
cpe:2.3:a:cybozu:garoon:3.1:sp2::::::
cpe:2.3:a:cybozu:garoon:3.1:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp1::::::
cpe:2.3:a:cybozu:garoon:3.5:sp4::::::
cpe:2.3:a:cybozu:garoon:3.5:sp2::::::
cpe:2.3:a:cybozu:garoon:3.5:::::::*
cpe:2.3:a:cybozu:garoon:3.5:sp3::::::
execution environment
1	cpe:2.3:a:microsoft:internet_explorer::::::::