JVN#57749899: The installer of e-Tax software(common program) vulnerable to privilege escalation

The installer of e-Tax softwarecommon program provided by National Tax Agency contains a vulnerability which allows uploading a malicious DLL to be executed with higher privileges than that of an general user by altering registry CWE-268. Impact A malicious DLL prepared by an attacker may be...

nta.co.jp XSS vulnerability

Open Bug Bounty ID: OBB-629332 Description| Value ---|--- Affected Website:| nta.co.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

JVN#79451345: Installer of Setup file of advance preparation for e-Tax software (WEB version) may insecurely load Dynamic Link Libraries

Installer of Setup file of advance preparation for e-Tax software WEB version provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privilege of the user invoking the...

nta.co.jp XSS vulnerability

Vulnerable URL: http://www.nta.co.jp/jump/j.php?url="...