CVE-2007-0514
Hitachi Web Server, uCosminexus, and Cosminexus - Cross-Site Scripting via HTTP Expect Headers or Image Maps
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/32998
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23843
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0326
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/32997
Patch, Vendor Advisory x_refsource_confirm
http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html
Scores
EPSS
0.0124
EPSS Percentile
79.5%
Details
Status
published
Products (20)
hitachi/cosminexus_application_server
hitachi/cosminexus_application_server
6
hitachi/cosminexus_application_server_version_5
hitachi/cosminexus_developer_light_version_6
hitachi/cosminexus_developer_professional_version_6
hitachi/cosminexus_developer_standard_version_6
hitachi/cosminexus_developer_version_5
hitachi/cosminexus_server_-_enterprise_edition
hitachi/cosminexus_server_-_standard_edition
hitachi/cosminexus_server_-_standard_edition_version_4
... and 10 more
Published
Jan 26, 2007
Tracked Since
Feb 18, 2026