Description
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components.
Affected products
- Hitachi / cosminexus_collaboration_portal06_10_b
- Hitachi / cosminexus_collaboration_portal06_00 – 06_00
- Hitachi / groupmax_collaboration_portal07_10_b
- Hitachi / groupmax_collaboration_portal07_00 – 07_00
- Hitachi / groupmax_collaboration_web_client07_10_a
- Hitachi / groupmax_collaboration_web_client07_00 – 07_00
References
- MISChttp://securitytracker.com/alerts/2005/Nov/1015241.html
- MISChttp://www.osvdb.org/20969
- VENDOR_ADVISORYhttp://secunia.com/advisories/17634/
- MISChttp://www.securityfocus.com/bid/15498
- MISChttp://securitytracker.com/alerts/2005/Nov/1015242.html
- MISChttp://www.osvdb.org/22126
- MISChttp://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/23197
Updated 21m ago · 4 sources