fkie_cve-2008-5719
Vulnerability from fkie_nvd
Published
2008-12-26 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server Pages before 06-52-/C and Hitachi Groupmax Workflow - Development Kit for Active Server Pages before 06-52-/A allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970367C6-1AEE-4C40-AC0D-7384DABE7C0A",
"versionEndIncluding": "06-52_b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10:*:*:*:*:*:*:*",
"matchCriteriaId": "127792A9-5BFF-4DAB-BE37-091BCDE81414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_a:*:*:*:*:*:*:*",
"matchCriteriaId": "564EEAFC-3253-4F1A-AEA9-D35A72A9D00A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_b:*:*:*:*:*:*:*",
"matchCriteriaId": "1867AB6D-867D-4B28-99C5-6517F8F293C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_c:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDD3AF3-12C5-49DE-9CDA-0449381336F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_d:*:*:*:*:*:*:*",
"matchCriteriaId": "24393FD0-F237-4CBB-80AB-D91EF7FA75A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00:*:*:*:*:*:*:*",
"matchCriteriaId": "73A4B03B-328C-4484-9D50-BAF02893889A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_a:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6114DF-F46E-4BDD-847D-338F9A11E999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_b:*:*:*:*:*:*:*",
"matchCriteriaId": "6C7BE040-D36E-493E-BB12-F27195726991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_c:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC102A3-DD3B-4989-98EF-BE3CAFFA94BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_d:*:*:*:*:*:*:*",
"matchCriteriaId": "92829CAC-FD6D-4900-B1E1-DCF94AF9E145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10:*:*:*:*:*:*:*",
"matchCriteriaId": "75CA0776-4705-4D9E-8F5A-216F04E4B0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_a:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74C462-8CCC-4D9E-8280-F7D1EFD99593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_b:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6C17F6-6CCE-46A2-9E35-BEBB87320EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_c:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DF9449-8FFA-46A8-9EB8-F8D66CF87FF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11:*:*:*:*:*:*:*",
"matchCriteriaId": "7C112803-F9FC-42F6-A94F-6F1828159C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_a:*:*:*:*:*:*:*",
"matchCriteriaId": "8A957A81-3537-463F-BD71-A79158172A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_b:*:*:*:*:*:*:*",
"matchCriteriaId": "4308F30C-28F7-4CC2-87A7-7DBA68B010F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_c:*:*:*:*:*:*:*",
"matchCriteriaId": "9B6CB1BA-4094-42A4-B88D-CF3A34F79C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_d:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC3C0E1-BBBF-47E5-AC2F-A75E900704B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_e:*:*:*:*:*:*:*",
"matchCriteriaId": "6517A78C-246C-4834-B197-E562408070E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20:*:*:*:*:*:*:*",
"matchCriteriaId": "63FB5080-E1E0-45A3-9701-38F1405ACC36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360FF36-04A2-477E-9B73-94AAEE8CEE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_b:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0AAAF9-A390-4B48-971C-43D3E91603F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_c:*:*:*:*:*:*:*",
"matchCriteriaId": "0C96627C-D320-43C9-996A-2D1A36F7B124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-00:*:*:*:*:*:*:*",
"matchCriteriaId": "70A74D9C-9887-4524-8D08-26947C2147DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-01:*:*:*:*:*:*:*",
"matchCriteriaId": "D7F869E6-5913-4671-A88B-74AF7569DAA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-02:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF9061B-714B-415A-9938-0A2D3F0D6EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-03:*:*:*:*:*:*:*",
"matchCriteriaId": "62F0AF46-F5F8-4021-8E4E-852C7158B034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-03_a:*:*:*:*:*:*:*",
"matchCriteriaId": "448026A0-E0A6-464A-81AC-F054A4A56AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-50:*:*:*:*:*:*:*",
"matchCriteriaId": "B9EA1066-6EA1-4BFD-A2DB-F3E0ADF8BCA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-51:*:*:*:*:*:*:*",
"matchCriteriaId": "6227E691-D128-47F1-A17C-0326A3B4AC1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-52:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC9A5AC-2B2F-40A2-BAAC-7B50B2B14DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-52_a:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C195A-B1D0-40BD-8D1A-474DD30238C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9313F7D1-75D8-4541-A913-18CEBB760EF7",
"versionEndIncluding": "06-52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F181E44-B7A4-4874-862E-4C2C5711BEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10_a:*:*:*:*:*:*:*",
"matchCriteriaId": "31CE75B1-BB8F-429F-91DB-1EE5D4EAC78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10_b:*:*:*:*:*:*:*",
"matchCriteriaId": "92432528-0A35-4E7E-8BA7-BE6EFA1FE689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00:*:*:*:*:*:*:*",
"matchCriteriaId": "68F1C3DE-5BCC-45B7-AE3B-AE39B0DDD763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00_a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD414F9-F7BB-4B77-A072-48EFABF08414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00_b:*:*:*:*:*:*:*",
"matchCriteriaId": "94FB1BE8-8D8F-448A-8B21-93C8298C0BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-10:*:*:*:*:*:*:*",
"matchCriteriaId": "35A2431C-2CC0-4428-8654-96749A36E0CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-10_a:*:*:*:*:*:*:*",
"matchCriteriaId": "02712285-5746-427B-81AB-78C078A1917E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-11:*:*:*:*:*:*:*",
"matchCriteriaId": "ABDFBC58-DEAA-4D4C-BDE9-74725C513912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-11_a:*:*:*:*:*:*:*",
"matchCriteriaId": "6D98A1F6-0DCA-4B24-991A-6BABE9214D0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-20:*:*:*:*:*:*:*",
"matchCriteriaId": "DF737FC6-414E-4BC5-A0E1-B2562B3AEF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-20_a:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4E473F-41EC-46E3-A598-1CA8515C3919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-00:*:*:*:*:*:*:*",
"matchCriteriaId": "486BCEF1-EC15-406F-8BDE-57C958AAD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-01:*:*:*:*:*:*:*",
"matchCriteriaId": "272EEBC9-1462-4566-AD38-6DEDD30AE51B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-02:*:*:*:*:*:*:*",
"matchCriteriaId": "1119349C-A2DA-4170-97AF-B1DBB1F7266E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-03:*:*:*:*:*:*:*",
"matchCriteriaId": "753DF9B2-008F-498B-961C-873A7DDA13E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-03_a:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB1AFC6-2711-499E-A8CD-BFC7617E6685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-50:*:*:*:*:*:*:*",
"matchCriteriaId": "86B391D2-F27D-4666-8091-324EA24B694C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-51:*:*:*:*:*:*:*",
"matchCriteriaId": "F68E3986-5C94-4AAA-B24A-A98D8068E21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server Pages before 06-52-/C and Hitachi Groupmax Workflow - Development Kit for Active Server Pages before 06-52-/A allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Hitachi Groupmax Web Workflow SDK Set para Active Server Pages antes de v06-52-/C e Hitachi Groupmax Workflow - Development Kit para Active Server Pages antes de v06-52-/A permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante vectores no especificados."
}
],
"id": "CVE-2008-5719",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-26T17:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33281"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2008/Dec/1021483.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-026/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2008/Dec/1021483.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-026/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32833"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…