Published:2006/08/14 Last Updated:2008/05/21
JVN#51301450
NetCommons cross-site scripting vulnerability
Overview
NetCommons is an open source content management system, combining e-learning and groupware functionality. NetCommons is developed and distributed by the NetCommons Project. NetCommons contains a cross-site scripting vulnerability.
Products Affected
- NetCommons 1.0.8 and earlier
Description
Impact
An arbitrary script may be executed on the user's web browser. As a result, a remote attacker could forge the web page contents.
Solution
References
JPCERT/CC Addendum
Credit
Daiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2006-000644 |