{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T16:58:36.991","vulnerabilities":[{"cve":{"id":"CVE-2024-39457","sourceIdentifier":"vultures@jpcert.or.jp","published":"2024-07-19T09:15:05.343","lastModified":"2025-03-19T21:15:36.217","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser."},{"lang":"es","value":" Cybozu Garoon 6.0.0 a 6.0.1 contiene una vulnerabilidad de Cross Site Scripting en la vista previa de PDF. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web de un usuario que haya iniciado sesión."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cybozu:garoon:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.2","matchCriteriaId":"86C99C88-076E-4108-8D3A-E0117B948240"}]}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN74825766/","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://kb.cybozu.support/?product=garoon&v=&fv=6.0.2&t=%E8%84%86%E5%BC%B1%E6%80%A7&f=&r=&b=&s=&posts_per_page=20","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/jp/JVN74825766/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://kb.cybozu.support/?product=garoon&v=&fv=6.0.2&t=%E8%84%86%E5%BC%B1%E6%80%A7&f=&r=&b=&s=&posts_per_page=20","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}