Arbitrary Web Script Injection Vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3

Arbitrary Web Script Injection Vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3

CVE-2011-1333 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the bulletin board system."

Learn more about our Cis Benchmark Audit For Microsoft Office.