[Japanese]

JVNDB-2010-001534

Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function

Overview

The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


FUJITSU
  • Interstage Application Framework Suite
  • Interstage Application Server
  • Interstage Business Application Server
  • Interstage Form Coordinator Workflow
  • Interstage Interaction Manager
  • Interstage Portalworks

Impact

A remote attacker could execute arbitrary scripts on the affected browser.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

FUJITSU
CWE (What is CWE?)

  1. Cross-site Scripting(CWE-79) [IPA Evaluation]
CVE (What is CVE?)

References

Revision History

  • [2010/6/22]
      Web page published

Date Public2010/05/28
Date First Published2010/06/22
Date Last Updated2010/06/22