CVE-2016-1149
Published on: 02/16/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:04 PM UTC
Certain versions of Office from Cybozu contain the following vulnerability:
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150.
- CVE-2016-1149 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.1 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | NONE | REQUIRED | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
CHANGED | LOW | LOW | NONE |
CVSS2 Score: 4.3 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | PARTIAL | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
特定の機能を含んだ画面でXSS脆弱性(2015/12/7) | サイボウズからのお知らせ | Vendor Advisory cs.cybozu.co.jp text/html |
![]() |
特定リクエストのパラメータの改ざんで、任意のスクリプトが実行できる【CyVDB-633】【CyVDB-692】【CyVDB-660】(2015/12/14) | サイボウズからのお知らせ | Vendor Advisory cs.cybozu.co.jp text/html |
![]() |
[Internet Explorerの現象]メールに関するクロスサイトスクリプティングの脆弱性[CyVDB-711](2016/01/18) | サイボウズからのお知らせ | Vendor Advisory cs.cybozu.co.jp text/html |
![]() |
お探し物パーツに関するクロスサイトスクリプティングの脆弱性[CyVDB-1015](2016/01/18) | サイボウズからのお知らせ | Vendor Advisory cs.cybozu.co.jp text/html |
![]() |
JVN#69278491: Cybozu Office vulnerable to cross-site scripting | Vendor Advisory jvn.jp text/xml |
![]() |
No Description Provided | Vendor Advisory jvndb.jvn.jp text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Cybozu | Office | 10.0.0 | All | All | All |
Application | Cybozu | Office | 10.0.1 | All | All | All |
Application | Cybozu | Office | 10.0.2 | All | All | All |
Application | Cybozu | Office | 10.1.0 | All | All | All |
Application | Cybozu | Office | 10.1.2 | All | All | All |
Application | Cybozu | Office | 10.2.0 | All | All | All |
Application | Cybozu | Office | 10.3.0 | All | All | All |
Application | Cybozu | Office | 9.0 | All | All | All |
Application | Cybozu | Office | 9.1.0 | All | All | All |
Application | Cybozu | Office | 9.2.0 | All | All | All |
Application | Cybozu | Office | 9.2.1 | All | All | All |
Application | Cybozu | Office | 9.3.0 | All | All | All |
Application | Cybozu | Office | 9.3.1 | All | All | All |
Application | Cybozu | Office | 9.3.2 | All | All | All |
Application | Cybozu | Office | 9.9.0 | All | All | All |
Application | Cybozu | Office | 10.0.0 | All | All | All |
Application | Cybozu | Office | 10.0.1 | All | All | All |
Application | Cybozu | Office | 10.0.2 | All | All | All |
Application | Cybozu | Office | 10.1.0 | All | All | All |
Application | Cybozu | Office | 10.1.2 | All | All | All |
Application | Cybozu | Office | 10.2.0 | All | All | All |
Application | Cybozu | Office | 10.3.0 | All | All | All |
Application | Cybozu | Office | 9.0 | All | All | All |
Application | Cybozu | Office | 9.1.0 | All | All | All |
Application | Cybozu | Office | 9.2.0 | All | All | All |
Application | Cybozu | Office | 9.2.1 | All | All | All |
Application | Cybozu | Office | 9.3.0 | All | All | All |
Application | Cybozu | Office | 9.3.1 | All | All | All |
Application | Cybozu | Office | 9.3.2 | All | All | All |
Application | Cybozu | Office | 9.9.0 | All | All | All |
- cpe:2.3:a:cybozu:office:10.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.1.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.1.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:10.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.1.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.2.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.2.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.0:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.1:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.3.2:*:*:*:*:*:*:*:
- cpe:2.3:a:cybozu:office:9.9.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE