CVE-2004-2492
Hitachi Groupmax World Wide Web Desktop 5-6 - Cross-Site Scripting via QUERY Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter.
References (5)
Core 5
Core References
Patch x_refsource_confirm
http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/12154
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/13321
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11773
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18277
Scores
EPSS
0.0043
EPSS Percentile
62.5%
Details
Status
published
Products (12)
hitachi/groupmax_world_wide_web_desktop
05_00
hitachi/groupmax_world_wide_web_desktop
05_11_f
hitachi/groupmax_world_wide_web_desktop
05_11_i
hitachi/groupmax_world_wide_web_desktop
05_11_j
hitachi/groupmax_world_wide_web_desktop
06_00
hitachi/groupmax_world_wide_web_desktop
06_50_b
hitachi/groupmax_world_wide_web_desktop
06_50_c
hitachi/groupmax_world_wide_web_desktop
06_51 (2 CPE variants)
hitachi/groupmax_world_wide_web_desktop
06_51_b
hitachi/groupmax_world_wide_web_desktop
06_51_c
... and 2 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026