CVE-2008-5719

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-026/index.html", "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-026/index.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://securitytracker.com/alerts/2008/Dec/1021483.html", "name": "1021483", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/33281", "name": "33281", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/32833", "name": "32833", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Hitachi Groupmax Web Workflow SDK Set for Active Server Pages before 06-52-/C and Hitachi Groupmax Workflow - Development Kit for Active Server Pages before 06-52-/A allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-5719", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2008-12-26T17:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-11_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-00_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11_c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "06-52"}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-52_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10_d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-10_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-20_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-20_b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-03_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-00_c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:05-20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:3-10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10_c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:03-10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:05-10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_workflow_to_development_kit_for_active_server_pages:06-50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "06-52_b"}, {"cpe23Uri": "cpe:2.3:a:hitachi:groupmax_web_workflow_sdk_set_for_active_server_pages:06-03_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2009-02-18T06:25Z"}