CVE-2022-33151
MEDIUMCybozu Office 10.0.0-10.8.5 - XSS
Title source: llmDescription
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors.
Scores
CVSS v3
6.1
EPSS
0.0019
EPSS Percentile
40.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (1)
cybozu/office
< 10.8.5
Timeline
Published
Aug 18, 2022
Tracked Since
Feb 18, 2026