CVE-2016-4907by Jeremyin Security Bulletinson Posted on June 9, 2017 Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.