CVE-2021-20805

Description

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Remote Service3.1.7 to 3.1.9 – 3.1.7 to 3.1.9

References

• MISChttps://jvn.jp/en/jp/JVN52694228/index.html
• MISChttps://kb.cybozu.support/article/37431