|
[Japanese]
|
JVNDB-2012-000032
|
Dokodemo Rikunabi 2013 vulnerable to cross-site scripting
|
|
Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability.
Dokodemo Rikunabi 2013 is an extension for Google Chrome. Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability.
Kazuhiko Kusano of Graduate School of Information Sciences,Tohoku University reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
|
CVSS V2 Severity:
Base Metrics 5.8 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Medium
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: None
|
|
|
RECRUIT CO.,LTD.
- Dokodemo Rikunabi 2013 version 1.0.0
|
|
|
An arbitrary script may be executed on user's Google Chrome.
|
|
[Update the software]
Update to the latest version according to the information provided by the developer.
According to the developer, Dokodemo Rikunabi 2013 automatically updates through the features of Google Chrome.
|
|
RECRUIT CO.,LTD.
|
|
- Cross-site Scripting(CWE-79) [IPA Evaluation]
|
|
- CVE-2012-1240
|
|
- JVN : JVN#90055996
- National Vulnerability Database (NVD) : CVE-2012-1240
|
|
- [2012/04/13]
Web page was published
|
