Description
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter.
Product(s):
- Hitachi Groupmax World Wide Web Desktop 05_00
- Hitachi Groupmax World Wide Web Desktop 05_11_f
- Hitachi Groupmax World Wide Web Desktop 05_11_i
- Hitachi Groupmax World Wide Web Desktop 05_11_j
- Hitachi Groupmax World Wide Web Desktop 06_00
- Hitachi Groupmax World Wide Web Desktop 06_50_b
- Hitachi Groupmax World Wide Web Desktop 06_50_c
- Hitachi Groupmax World Wide Web Desktop 06_51
- Hitachi Groupmax World Wide Web Desktop 06_51 for Jichitai
- Hitachi Groupmax World Wide Web Desktop 06_51_b
- Hitachi Groupmax World Wide Web Desktop 06_51_c
- Hitachi Groupmax World Wide Web Desktop 06_52
- Hitachi Groupmax World Wide Web Desktop 06_52 for Jichitai
- Hitachi Groupmax World Wide Web Desktop 06_52_b
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-2492, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-2492 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.