CVE-2021-20741

Name of the Vulnerable Software and Affected Versions Hitachi Application Server V10 Manual (Windows) versions 10-11-01 and earlier Hitachi Application Server V10 Manual (UNIX) versions 10-11-01 and earlier

Description The issue is related to a cross-site scripting vulnerability that exists due to inadequate protection of the web page structure. This allows a remote attacker to inject an arbitrary script via unspecified vectors, potentially enabling the execution of arbitrary code.

Recommendations For Hitachi Application Server V10 Manual (Windows) versions 10-11-01 and earlier, update to a version later than 10-11-01 to resolve the issue. For Hitachi Application Server V10 Manual (UNIX) versions 10-11-01 and earlier, update to a version later than 10-11-01 to resolve the issue. As a temporary workaround, consider restricting access to the Help section of the Hitachi Application Server until a patch is available.