CVE-2021-20795

Description

Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended operations may be performed via unspecified vectors.

Affected products

• Cybozu, Inc. / Cybozu Remote Service3.1.8 to 3.1.9 – 3.1.8 to 3.1.9

References

• MISChttps://kb.cybozu.support/article/37422
• MISChttps://jvn.jp/en/jp/JVN52694228/index.html