CVE-2007-3623

Name of the Vulnerable Software and Affected Versions Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager versions prior to 20070528

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. This could potentially lead to unauthorized actions on the affected system.

Recommendations For versions prior to 20070528, update to a version released after 20070528 to resolve the issue. As a temporary workaround, consider restricting access to the Expect HTTP header to minimize the risk of exploitation.