CVE-2013-6901

Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
cybozugaroon
𝑥
≤ 3.5
cybozugaroon
2.0:sp1
cybozugaroon
2.0:sp2
cybozugaroon
2.0:sp3
cybozugaroon
2.0:sp4
cybozugaroon
2.0:sp5
cybozugaroon
2.0:sp6
cybozugaroon
2.1
cybozugaroon
2.1:sp1
cybozugaroon
2.1:sp2
cybozugaroon
2.1:sp3
cybozugaroon
2.5
cybozugaroon
2.5:sp1
cybozugaroon
2.5:sp2
cybozugaroon
2.5:sp3
cybozugaroon
2.5:sp4
cybozugaroon
3.0
cybozugaroon
3.0:sp1
cybozugaroon
3.0:sp2
cybozugaroon
3.0:sp3
cybozugaroon
3.1
cybozugaroon
3.1:sp1
cybozugaroon
3.1:sp2
cybozugaroon
3.1:sp3
cybozugaroon
3.5
cybozugaroon
3.5:sp1
cybozugaroon
3.5:sp2
cybozugaroon
3.5:sp3
cybozugaroon
3.5:sp4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cs.cybozu.co.jp/information/20131202up01.php
http://jvn.jp/en/jp/JVN23981867/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
http://osvdb.org/100555
https://support.cybozu.com/ja-jp/article/6193
http://cs.cybozu.co.jp/information/20131202up01.php
http://jvn.jp/en/jp/JVN23981867/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000113
http://osvdb.org/100555
https://support.cybozu.com/ja-jp/article/6193