CVE-2018-0558

Description

Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Mailwise5.0.0 to 5.4.1 – 5.0.0 to 5.4.1

References

• MISChttp://jvn.jp/en/jp/JVN52319657/index.html
• MISChttps://support.cybozu.com/ja-jp/article/10193