CVE-2019-6022

Description

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.

Affected products

• Cybozu, Inc. / Cybozu Office10.0.0 to 10.8.3 – 10.0.0 to 10.8.3

References

• MISChttps://kb.cybozu.support/article/36124
• MISChttp://jvn.jp/en/jp/JVN79854355/index.html