CVE-2026-22881
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
5.7 / 10
Vector String
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Vulnerability Description
Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
Cybozu, Inc.
Product
Cybozu Garoon
Discussion (0)
Add Comment
No comments yet. Be the first!