CVE-2016-1190
Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
Date published : 2016-06-25
https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03