CVE Vulnerabilities

CVE-2004-2497

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Affected Software

Name Vendor Start Version End Version
Web_page_generator Hitachi 01_00 01_00
Web_page_generator Hitachi 01_01_c 01_01_c
Web_page_generator Hitachi 02_00 02_00
Web_page_generator Hitachi 02_00_c 02_00_c
Web_page_generator_enterprise Hitachi 03_00 03_00
Web_page_generator_enterprise Hitachi 03_02_c 03_02_c
Web_page_generator_enterprise Hitachi 03_03 03_03
Web_page_generator_enterprise Hitachi 03_03_c 03_03_c
Web_page_generator_enterprise Hitachi 03_03_d 03_03_d
Web_page_generator_enterprise Hitachi 04_00 04_00
Web_page_generator_enterprise Hitachi 04_00_c 04_00_c
Web_page_generator_enterprise Hitachi 04_01 04_01
Web_page_generator_enterprise Hitachi 04_01_b 04_01_b

References