Cross-site Scripting Flaw in Cybozu Office by Cybozu
CVE-2022-28715
6.1MEDIUM
What is CVE-2022-28715?
A cross-site scripting vulnerability exists in Cybozu Office versions 10.0.0 to 10.8.5, allowing remote attackers to inject arbitrary scripts through certain parameters. This flaw can lead to unauthorized actions initiated by users and potential compromises of sensitive data when malicious scripts are executed in the context of the victim’s browser.
Affected Version(s)
Cybozu Office 10.0.0 to 10.8.5