Multiple Cross-Site Scripting Vulnerabilities in Hitachi Collaboration Products
CVE-2005-4322

Currently unrated

Key Information:

Vendor: Hitachi
Status: Groupmax Collaboration Web Client; Groupmax Collaboration Portal; Cosminexus Collaboration Portal
Vendor: CVE Published:; 17 December 2005

Summary

Multiple cross-site scripting vulnerabilities exist in Hitachi's Cosminexus Collaboration Portal and Groupmax Collaboration products, allowing remote attackers to inject arbitrary web scripts or HTML. The vulnerabilities affect specific components, namely the Schedule and Calendar, making them susceptible to exploitation. Successful exploitation can lead to unauthorized actions and information disclosure, putting users at risk.

References

http://securitytracker.com/alerts/2005/Nov/1015241.html

vdb-entryx_refsource_SECTRACK

http://www.osvdb.org/20969

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/17634/

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 17, 2005
Vulnerability Reserved
Dec 17, 2005