Vulnerabilities > Hitachi > Cosminexus Application Server > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-01 | CVE-2007-4124 | Unspecified vulnerability in Hitachi products The session failover function in Cosminexus Component Container in Cosminexus 6, 6.7, and 7 before 20070731, as used in multiple Hitachi products, can use session data for the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information, corrupt another user's session data, and possibly gain privileges. network hitachi | 4.9 |
2007-01-26 | CVE-2007-0514 | Cross-Site Scripting vulnerability in Ucosminexus Developer Light Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps. network hitachi | 6.8 |