Hitachi uCosminexus Products Unspecified Cross-Site Scripting Vulnerability

Bugtraq ID:	51745
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 31 2012 12:00AM
Updated:	Jan 31 2012 12:00AM
Credit:	Hitachi
Vulnerable:	Hitachi uCosminexus Stream Data Platform 0 Hitachi uCosminexus EUR Print Manager - Report Server 0 Hitachi HiRDB RealTime Monitor 0
Not Vulnerable:

Hitachi uCosminexus Products Unspecified Cross-Site Scripting Vulnerability

Hitachi uCosminexus products are prone to a cross-site scripting vulnerability because they fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The following products are affected:

uCosminexus Stream Data Platform - Application Framework
uCosminexus EUR Print Manager - Report Server
HiRDB RealTime Monitor

Hitachi uCosminexus Products Unspecified Cross-Site Scripting Vulnerability

References:

• Hitachi Homepage (Hitachi)
  
• Cross-site Scripting Vulnerability in uCosminexus Products (Hitachi)