Description
Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10818
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12150
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/8264
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16822
Vendor Advisory x_refsource_confirm
http://www.hitachi-support.com/security_e/vuls_e/HS04-003_e/index-e.html
Scores
EPSS
0.0046
EPSS Percentile
64.5%
Details
Status
published
Products (13)
hitachi/web_page_generator
01_00
hitachi/web_page_generator
01_01_c
hitachi/web_page_generator
02_00
hitachi/web_page_generator
02_00_c
hitachi/web_page_generator_enterprise
03_00
hitachi/web_page_generator_enterprise
03_02_c
hitachi/web_page_generator_enterprise
03_03
hitachi/web_page_generator_enterprise
03_03_c
hitachi/web_page_generator_enterprise
03_03_d
hitachi/web_page_generator_enterprise
04_00
... and 3 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026