Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Groupmax_collaboration_portal | Hitachi | 7_20_e (including) | 7_20_e (including) |
| Groupmax_collaboration_portal | Hitachi | 7_30_d (including) | 7_30_d (including) |
| Groupmax_collaboration_web_client | Hitachi | forum_file_share_7_20_d (including) | forum_file_share_7_20_d (including) |
| Groupmax_collaboration_web_client | Hitachi | forum_file_share_7_30_c (including) | forum_file_share_7_30_c (including) |
| Ucosminexus_collaboration_portal | Hitachi | 6_20_e (including) | 6_20_e (including) |
| Ucosminexus_collaboration_portal | Hitachi | 6_30_d (including) | 6_30_d (including) |
| Ucosminexus_collaboration_portal | Hitachi | forum_file_share_6_20_d (including) | forum_file_share_6_20_d (including) |
| Ucosminexus_collaboration_portal | Hitachi | forum_file_share_6_30_c (including) | forum_file_share_6_30_c (including) |
References
- http://osvdb.org/36828
- http://secunia.com/advisories/25507
- http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html
- http://www.securityfocus.com/bid/24263
- http://www.vupen.com/english/advisories/2007/2020
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34659
- http://osvdb.org/36828
- http://secunia.com/advisories/25507
- http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html
- http://www.securityfocus.com/bid/24263
- http://www.vupen.com/english/advisories/2007/2020
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34659