CVE-2004-2497

Name of the Vulnerable Software and Affected Versions: Hitachi Web Page Generator and Web Page Generator Enterprise version 4.01 and earlier

Description: A cross-site scripting (XSS) issue exists in the error handler of the affected software. This occurs when the default error template is used and debug mode is set to ON, allowing remote attackers to inject arbitrary web script or HTML.

Recommendations: For Hitachi Web Page Generator and Web Page Generator Enterprise version 4.01 and earlier, consider disabling debug mode to minimize the risk of exploitation. As a temporary workaround, modify the error template to prevent the injection of malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.