Description
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58899
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58528
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/68015
Scores
EPSS
0.0029
EPSS Percentile
52.0%
Details
CWE
CWE-79
Status
published
Products (6)
hitachi/jp1\/performance_management-manager_web_option
07-00 (2 CPE variants)
hitachi/jp1\/performance_management-manager_web_option
07-54 (2 CPE variants)
hitachi/tuning_manager
6.0.0 (2 CPE variants)
hitachi/tuning_manager
7.1.0
hitachi/tuning_manager
7.6.1 (2 CPE variants)
hitachi/tuning_manager
8.0.0 (4 CPE variants)
Published
Jun 17, 2014
Tracked Since
Feb 18, 2026