Vulnerabilities > CVE-2005-4322 - Cross-Site Scripting vulnerability in Hitachi products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
hitachi
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
References
- http://secunia.com/advisories/17634/
- http://securitytracker.com/alerts/2005/Nov/1015241.html
- http://securitytracker.com/alerts/2005/Nov/1015242.html
- http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/01-e.html
- http://www.osvdb.org/20969
- http://www.osvdb.org/22126
- http://www.securityfocus.com/bid/15498
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23197