JVNDB-2007-000165

[Japanese]
JVNDB-2007-000165
Ariel AirOne series cross-site scripting vulnerability
Overview
The Ariel AirOne series, from Ariel Networks, contain a cross-site scripting vulnerability.
CVSS Severity (What is CVSS?)
CVSS V2 Severity: Base Metrics 5.0 (Medium) [IPA Score] Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
Affected Products

Ariel Networks, Inc. Ariel Airone ProlectA v4.6.1 Ariel Multi Scheduler v4.6.3

Impact
An arbitrary script may be executed on the user's web browser.
Solution

Vendor Information
Ariel Networks, Inc. Ariel AirOne ProjectA : Ariel AirOne ProjectA v4.x (Windows) Release Note (Japanese) Ariel MultiScheduler : Ariel MultiScheduler v4.x Release Note (Japanese)
CWE (What is CWE?)

CVE (What is CVE?)

References
JVN : JVN#84746611
Revision History
[2008/05/21] Web page published

Ariel AirOne series cross-site scripting vulnerability