Cybozu Products Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

Cybozu Products Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

Cybozu products are prone to multiple cross-site scripting and denial-of-service vulnerabilities because the applications fail to properly handle user-supplied input.

An attacker may leverage these issues to cause denial-of-service conditions or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.