CVE-2011-1333

Cybozu Office 6-Cybozu Garoon 2.0.0-2.1.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."

References (6)

Scores

EPSS 0.0052
EPSS Percentile 66.4%

Classification

CWE
CWE-79
Status published

Affected Products (13)

cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/garoon
cybozu/office
n/a/n/a

Timeline

Published Jun 29, 2011
Tracked Since Feb 18, 2026