Akihide Yamatani

**Name of the Vulnerable Software and Affected Versions** Fujitsu e-Pares versions V01 L01, L03, L10, L20, L30 **Description** A session fixation issue allows remote attackers to hijack web sessions. The exact vectors used for the attack are not specified. **Recommendations** For Fujitsu e-Pares versions V01 L01, L03, L10, L20, L30, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Fujitsu e-Pares version V01 L01 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors. **Recommendations** For Fujitsu e-Pares version V01 L01, update to a version that addresses this issue, as no specific fix is detailed in the provided information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Fujitsu e-Pares versions V01 L01, V01 L03, V01 L10, V01 L20, V01 L30, V01 L40 **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests that modify facility reservation data. **Recommendations** For versions V01 L01, V01 L03, V01 L10, V01 L20, V01 L30, V01 L40, at the moment, there is no information about a newer version that contains a fix for this issue.