Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated malicious users to alter arbitrary files via the 'Customapp' function.
cybozu office