CVE-2007-4760

Currently unrated

Key Information:

Vendor: Hitachi
Status: Ucosminexus Service Platform; Ucosminexus Developer Standard; Ucosminexus Application Server Standard; Ucosminexus Application Server Enterprise
Vendor: CVE Published:; 8 September 2007

Summary

The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.

References

http://www.vupen.com/english/advisories/2007/3033

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/26671

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/36393

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 8, 2007
Vulnerability Reserved
Sep 7, 2007