Description
Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References (7)
Core 7
Core References
Vendor Advisory x_refsource_confirm
http://cybozu.co.jp/products/dl/notice/detail/0018.html
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN18405927/index.html
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000033.html
Vendor Advisory x_refsource_confirm
http://cybozu.co.jp/products/dl/notice/detail/0016.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43438
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30882
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/46575
Scores
EPSS
0.0033
EPSS Percentile
56.3%
Details
CWE
CWE-352
Status
published
Products (13)
cybozu/cybozu_dezie
< 6
cybozu/cybozu_garoon
2.0.0
cybozu/cybozu_garoon
2.0.1
cybozu/cybozu_garoon
2.0.2
cybozu/cybozu_garoon
2.0.3
cybozu/cybozu_garoon
2.0.4
cybozu/cybozu_garoon
2.0.5
cybozu/cybozu_garoon
2.0.6
cybozu/cybozu_garoon
2.1.0
cybozu/cybozu_garoon
2.1.1
... and 3 more
Published
Apr 23, 2009
Tracked Since
Feb 18, 2026