Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
BID:17337
Info
Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
| Bugtraq ID: | 17337 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 31 2006 12:00AM |
| Updated: | Apr 03 2006 05:58PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: |
Hitachi Groupmax World Wide Web for Scheduler 03-11 Hitachi Groupmax World Wide Web for Scheduler 03-10 Hitachi Groupmax World Wide Web for Scheduler 03-00 Hitachi Groupmax World Wide Web for Scheduler 02-31-/A Hitachi Groupmax World Wide Web for Scheduler 02-20 Hitachi Groupmax World Wide Web for Scheduler 02-10 Hitachi Groupmax World Wide Web for Scheduler 02-00 Hitachi Groupmax World Wide Web Desktop for Scheduler 05-11-/A Hitachi Groupmax World Wide Web Desktop for Scheduler 05-11 Hitachi Groupmax World Wide Web Desktop for Scheduler 05-00 Hitachi Groupmax World Wide Web Desktop for Jichitai 06-52-/A Hitachi Groupmax World Wide Web Desktop for Jichitai 06-52 Hitachi Groupmax World Wide Web Desktop for Jichitai 06-51 Hitachi Groupmax World Wide Web Desktop 06-52-/E Hitachi Groupmax World Wide Web Desktop 06-52-/C Hitachi Groupmax World Wide Web Desktop 06-52-/B Hitachi Groupmax World Wide Web Desktop 06-52 Hitachi Groupmax World Wide Web Desktop 06-51-/C Hitachi Groupmax World Wide Web Desktop 06-51-/B Hitachi Groupmax World Wide Web Desktop 06-51 Hitachi Groupmax World Wide Web Desktop 06-50-/C Hitachi Groupmax World Wide Web Desktop 06-50-/B Hitachi Groupmax World Wide Web Desktop 06-00 Hitachi Groupmax World Wide Web Desktop 05-11-/J Hitachi Groupmax World Wide Web Desktop 05-11-/I Hitachi Groupmax World Wide Web Desktop 05-11-/F Hitachi Groupmax World Wide Web Desktop 05-00 Hitachi Groupmax World Wide Web 03-11-/B Hitachi Groupmax World Wide Web 03-10-/H Hitachi Groupmax World Wide Web 03-00 Hitachi Groupmax World Wide Web 02-31-/I Hitachi Groupmax World Wide Web 02-31-/E Hitachi Groupmax World Wide Web 02-20-/A Hitachi Groupmax World Wide Web 02-20 Hitachi Groupmax World Wide Web 02-10 Hitachi Groupmax World Wide Web 02-00 |
| Not Vulnerable: |
Hitachi Groupmax World Wide Web Desktop 06-52-/F Hitachi Groupmax World Wide Web 06-52-/F |
Discussion
Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
Hitachi Groupmax World Wide Web is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Hitachi Groupmax World Wide Web is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
This issue can be exploited through a web client.
This issue can be exploited through a web client.
Solution / Fix
Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
Solution:
Hitachi has released advisory HS06-005, along with fixes to address this issue. Please see the referenced advisory for further information on obtaining and applying fixes.
Solution:
Hitachi has released advisory HS06-005, along with fixes to address this issue. Please see the referenced advisory for further information on obtaining and applying fixes.
References
Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability
References:
References: