| Vulnerability Name: | CVE-2006-1574 (CCN-25574) | ||||||||
| Assigned: | 2006-03-31 | ||||||||
| Published: | 2006-03-31 | ||||||||
| Updated: | 2017-07-20 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Apply patch : http://www.hitachi-support.com/security_e/vuls_e/HS06-005_e/index-e.html | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-1574 Source: CCN Type: SA19483 Groupmax World Wide Web Cross-Site Scripting Vulnerability Source: SECUNIA Type: Vendor Advisory 19483 Source: CCN Type: Hitachi Software Vulnerability Information HS06-005-01 Cross-site Scripting Vulnerability in Groupmax World Wide Web Desktop and Groupmax World Wide Web Desktop for Scheduler Source: CONFIRM Type: Patch http://www.hitachi-support.com/security_e/vuls_e/HS06-005_e/index-e.html Source: OSVDB Type: UNKNOWN 24295 Source: CCN Type: OSVDB ID: 24295 Hitachi Groupmax World Wide Web Multiple Products Unspecified XSS Source: BID Type: UNKNOWN 17337 Source: CCN Type: BID-17337 Hitachi Groupmax World Wide Web Unspecified Cross-Site Scripting Vulnerability Source: VUPEN Type: UNKNOWN ADV-2006-1180 Source: XF Type: UNKNOWN groupmax-www-xss(25574) Source: XF Type: UNKNOWN groupmax-www-xss(25574) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||