JVN#83832818
Interstage Application Server cross-site scripting vulnerability
Overview
The Servlet Service for Interstage Business Application and the Servlet Service for Interstage Management Console (may be referred to as "Servlet Service for Interstage Operation Management" in certain versions) included in the Interstage product series from Fujitsu contain a cross-site scripting vulnerability.
As of March 19, 2007, Fujitsu has announced workarounds for this issue. For more information, refer to the vendor's website.
Products Affected
A wide range of products is affected. For more information, refer to the vendor's website.
Description
Impact
An arbitrary script may be executed on the user's web browser.
Solution
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Daiki Fukumori of Secure Sky Technology, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2007-000218 |
Update History
- 2015/10/21
- FUJITSU LIMITED update status