Cross site scripting

2006-04-0100:04:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CPENameOperatorVersion
groupmax_world_wide_webeq2
groupmax_world_wide_webeq3
groupmax_world_wide_web_desktopeq5
groupmax_world_wide_web_desktopeq6
groupmax_world_wide_web_desktop_schedulereq5
groupmax_world_wide_web_schedulereq2
groupmax_world_wide_web_schedulereq3

Name	Operator	Version
groupmax_world_wide_web	eq	2
groupmax_world_wide_web	eq	3
groupmax_world_wide_web_desktop	eq	5
groupmax_world_wide_web_desktop	eq	6
groupmax_world_wide_web_desktop_scheduler	eq	5
groupmax_world_wide_web_scheduler	eq	2
groupmax_world_wide_web_scheduler	eq	3

References

secunia.com/advisories/19483

www.hitachi-support.com/security_e/vuls_e/HS06-005_e/index-e.html

www.osvdb.org/24295

www.securityfocus.com/bid/17337

www.vupen.com/english/advisories/2006/1180

exchange.xforce.ibmcloud.com/vulnerabilities/25574