JVNDB-2009-000049

[Japanese]
JVNDB-2009-000049
Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter)
Overview
RevoCounter CGI (Animation Counter) from futomi's CGI Cafe contains a cross-site scripting vulnerability. RevoCounter CGI (Animation Counter) from futomi's CGI Cafe is a software that displays an animated counter on a webpage. RevoCounter CGI (Animation Counter) contains a cross-site scripting vulnerability.
CVSS Severity (What is CVSS?)
CVSS V2 Severity: Base Metrics 4.3 (Medium) [IPA Score] Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
Affected Products

futomi Co.,Ltd. RevoCounter CGI (Animation Counter) Ver 1.3 and earlier

Impact
An arbitrary script may be executed on the user's web browser.
Solution
[Update the Software] Update to the latest version according to the information provided by the developer.
Vendor Information
futomi Co.,Ltd. futomi's CGI Cafe : Update for the users of RevoCounter CGI (Animation Counter) (Japanese) futomi's CGI Cafe : RevoCounter CGI (Animation Counter) Ver 1.4 (Japanese)
CWE (What is CWE?)
Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)

References
JVN : JVN#29852698
Revision History
[2009/07/24] Web page published

Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter)