CVE-2007-3623

2007-07-0916:00:00

mitre

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.6%

JSON

Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.

References

osvdb.org/37848

osvdb.org/37849

secunia.com/advisories/25973

www.hitachi-support.com/security_e/vuls_e/HS07-017_e/index-e.html

www.securityfocus.com/bid/24797

www.vupen.com/english/advisories/2007/2457

exchange.xforce.ibmcloud.com/vulnerabilities/35286