Cross-site scripting vulnerability in Hitachi Application Server Help (Hitachi Application Server V10 Manual (Windows) version 10-11-01 and earlier and Hitachi Application Server V10 Manual (UNIX) version 10-11-01 and earlier) allows a remote attacker to inject an arbitrary script via unspecified vectors.
References
| Link | Resource |
|---|---|
| https://jvn.jp/en/jp/JVN03776901/index.html | Third Party Advisory |
| https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-104 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Jun 2021, 12:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://jvn.jp/en/jp/JVN03776901/index.html - Third Party Advisory | |
| References | (MISC) https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-104 - Vendor Advisory | |
| CPE | cpe:2.3:a:hitachi:application_server_v10_manual:*:*:*:*:*:linux:*:* cpe:2.3:a:hitachi:application_server_v10_manual:*:*:*:*:*:windows:*:* |
|
| CWE | CWE-79 | |
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
22 Jun 2021, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-06-22 02:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-20741
Mitre link : CVE-2021-20741
CVE.ORG link : CVE-2021-20741
JSON object : View
Products Affected
hitachi
- application_server_v10_manual
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')