Vulnerabilities > CVE-2006-3574 - Cross-Site Scripting vulnerability in Hitachi products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
hitachi
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to "execute malicious scripts" via unknown vectors (aka HS06-014-01). This vulnerability is addressed in the following product releases: Hitachi, Groupmax Collaboration Portal, 07-20-/D Hitachi, Groupmax Collaboration Web Client, 07-20-/D Hitachi, Cosminexus Collaboration Portal, 06-20-/C
Vulnerable Configurations
References
- http://secunia.com/advisories/20926
- http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html
- http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html
- http://www.securityfocus.com/bid/18830
- http://www.vupen.com/english/advisories/2006/2665
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27605