[原文]Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components.
Hitachi Groupmax Collaboration contains a flaw that allows a remote cross site scripting attack. No further details have been provided.
Upgrade to Groupmax Collaboration Portal 07-10-/C and Groupmax Collaboration Web Client - Forum/File Sharing 07-10-/B or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.