CVE-2005-4322

Name of the Vulnerable Software and Affected Versions Hitachi Cosminexus Collaboration Portal versions 06-00 through 06-10-/B Hitachi Groupmax Collaboration Portal versions 07-00 through 07-10-/B Hitachi Groupmax Collaboration Web Client versions 07-00 through 07-10-/A

Description The issue allows remote attackers to inject arbitrary web script or HTML via the Schedule and Calendar components, potentially leading to cross-site scripting (XSS) attacks.

Recommendations For Hitachi Cosminexus Collaboration Portal versions 06-00 through 06-10-/B, restrict access to the Schedule and Calendar components until a fix is available. For Hitachi Groupmax Collaboration Portal versions 07-00 through 07-10-/B, consider disabling the Schedule and Calendar components as a temporary workaround. For Hitachi Groupmax Collaboration Web Client versions 07-00 through 07-10-/A, avoid using the Schedule and Calendar components in sensitive operations until the issue is resolved.