Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated malicious users to alter mail header via the application 'E-Mail'.
cybozu garoon