CVE-2006-3574 - Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web

CVE-2006-3574

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to "execute malicious scripts" via unknown vectors (aka HS06-014-01). This vulnerability is addressed in the following product releases: Hitachi, Groupmax Collaboration Portal, 07-20-/D Hitachi, Groupmax Collaboration Web Client, 07-20-/D Hitachi, Cosminexus Collaboration Portal, 06-20-/C

References

Vulnerable Configurations

cpe:2.3:a:hitachi:cosminexus_collaboration_portal:6.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:6.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:06_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:06_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:cosminexus_collaboration_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:7.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:7.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:07_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:7.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:7.2:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:07_00:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*
cpe:2.3:a:hitachi:groupmax_collaboration_web_client:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	18830
confirm	http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/01-e.html http://www.hitachi-support.com/security_e/vuls_e/HS06-014_e/index-e.html
secunia	20926
vupen	ADV-2006-2665
xf	hitachi-multiple-products-xss(27605)

Last major update

20-07-2017 - 01:32

Published

13-07-2006 - 10:05

Last modified

20-07-2017 - 01:32