Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the contents of application 'Address' without modify privileges via the application 'Address'.Referenceshttp://jvn.jp/en/jp/JVN58849431/index.htmlhttps://kb.cybozu.support/article/35487/
