Cross-Site Scripting Vulnerability in Hitachi Web Server Affecting Cosminexus Products
CVE-2007-5809

Currently unrated

Key Information:

Vendor: Hitachi
Status: Web Server; Ucosminexus Application Server Standard; Ucosminexus Developer Standard; Cosminexus Application Server Enterprise
Vendor: CVE Published:; 5 November 2007

Summary

The vulnerability allows remote attackers to inject unintended web scripts or HTML into the server-status page of Hitachi Web Server versions 01-00 through 03-10. This XSS flaw is initiated through specific HTTP requests, potentially compromising the web application's security and exposing user data. Affected applications utilizing this server must implement immediate patches or vulnerability mitigations to safeguard against exploitation.

References

http://secunia.com/advisories/27421

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/3666

vdb-entryx_refsource_VUPEN

http://www.hitachi-support.com/security_e/vuls_e/HS07-035...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 5, 2007
Vulnerability Reserved
Nov 5, 2007