CVE-2016-1195

Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.4 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
cybozugaroon
3.0.0
cybozugaroon
3.0.1
cybozugaroon
3.0.2
cybozugaroon
3.0.3
cybozugaroon
3.1.0
cybozugaroon
3.1.1
cybozugaroon
3.1.2
cybozugaroon
3.1.3
cybozugaroon
3.5.0
cybozugaroon
3.5.1
cybozugaroon
3.5.2
cybozugaroon
3.5.3
cybozugaroon
3.5.4
cybozugaroon
3.5.5
cybozugaroon
3.7.0
cybozugaroon
3.7.1
cybozugaroon
3.7.2
cybozugaroon
3.7.3
cybozugaroon
3.7.4
cybozugaroon
3.7.5
cybozugaroon
4.0.0
cybozugaroon
4.0.1
cybozugaroon
4.0.2
cybozugaroon
4.0.3
cybozugaroon
4.2.0
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN32218514/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000081
https://support.cybozu.com/ja-jp/article/8987
http://jvn.jp/en/jp/JVN32218514/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000081
https://support.cybozu.com/ja-jp/article/8987