Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Groupmax_world_wide_web_desktop | Hitachi | 05_00 (including) | 05_00 (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 05_11_f (including) | 05_11_f (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 05_11_i (including) | 05_11_i (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 05_11_j (including) | 05_11_j (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_00 (including) | 06_00 (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_50_b (including) | 06_50_b (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_50_c (including) | 06_50_c (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_51 (including) | 06_51 (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_51_b (including) | 06_51_b (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_51_c (including) | 06_51_c (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_52 (including) | 06_52 (including) |
| Groupmax_world_wide_web_desktop | Hitachi | 06_52_b (including) | 06_52_b (including) |
References
- http://secunia.com/advisories/13321
- http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html
- http://www.osvdb.org/12154
- http://www.securityfocus.com/bid/11773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18277
- http://secunia.com/advisories/13321
- http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html
- http://www.osvdb.org/12154
- http://www.securityfocus.com/bid/11773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18277