CVE-2007-5809
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
05/11/2007
Last modified:
08/03/2011
Description
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:hitachi:cosminexus_application_server_enterprise:*:*:*:*:*:*:*:* | 06_51_j (including) | |
cpe:2.3:a:hitachi:cosminexus_application_server_standard:*:*:*:*:*:*:*:* | 06_51_j (including) | |
cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:* | 06_51_j (including) | |
cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:* | 06_51_j (including) | |
cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:* | 06_51_j (including) | |
cpe:2.3:a:hitachi:cosminexus_server:*:*:*:*:*:*:*:* | 04_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:* | 06_71_d (including) | |
cpe:2.3:a:hitachi:ucosminexus_developer_professional:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:* | 07_50_01 (including) | |
cpe:2.3:a:hitachi:web_server:01_00:*:hpux:*:*:*:*:* | ||
cpe:2.3:a:hitachi:web_server:01_00:*:solaris:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page