Unrated severityNVD Advisory· Published Jan 26, 2007· Updated Apr 23, 2026

CVE-2007-0514

Description

Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps.

Affected products

Hitachi/Cosminexus Application Server2 versions
cpe:2.3:a:hitachi:cosminexus_application_server:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hitachi:cosminexus_application_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:hitachi:cosminexus_application_server:6:*:enterprise:*:*:*:*:*
Hitachi/Cosminexus Application Server Version 5
cpe:2.3:a:hitachi:cosminexus_application_server_version_5:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Developer Light Version 6
cpe:2.3:a:hitachi:cosminexus_developer_light_version_6:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Developer Professional Version 6
cpe:2.3:a:hitachi:cosminexus_developer_professional_version_6:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Developer Standard Version 6
cpe:2.3:a:hitachi:cosminexus_developer_standard_version_6:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Developer Version 5
cpe:2.3:a:hitachi:cosminexus_developer_version_5:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Server Enterprise Edition
cpe:2.3:a:hitachi:cosminexus_server_-_enterprise_edition:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Server Standard Edition
cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Server Standard Edition Version 4
cpe:2.3:a:hitachi:cosminexus_server_-_standard_edition_version_4:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Server Web Edition
cpe:2.3:a:hitachi:cosminexus_server_-_web_edition:*:*:*:*:*:*:*:*
Hitachi/Cosminexus Server Web Edition Version 4
cpe:2.3:a:hitachi:cosminexus_server_-_web_edition_version_4:*:*:*:*:*:*:*:*
Hitachi/Web Server
cpe:2.3:a:hitachi:hitachi_web_server:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Application Server Enterprise
cpe:2.3:a:hitachi:ucosminexus_application_server_enterprise:*:*:enterprise:*:*:*:*:*
Hitachi/Ucosminexus Application Server Smart Edition
cpe:2.3:a:hitachi:ucosminexus_application_server_smart_edition:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Application Server Standard
cpe:2.3:a:hitachi:ucosminexus_application_server_standard:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Developer Light
cpe:2.3:a:hitachi:ucosminexus_developer_light:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Developer Standard
cpe:2.3:a:hitachi:ucosminexus_developer_standard:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Service Architect
cpe:2.3:a:hitachi:ucosminexus_service_architect:*:*:*:*:*:*:*:*
Hitachi/Ucosminexus Service Platform
cpe:2.3:a:hitachi:ucosminexus_service_platform:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.htmlnvdPatchVendor Advisory
osvdb.org/32997nvd
osvdb.org/32998nvd
secunia.com/advisories/23843nvd
www.vupen.com/english/advisories/2007/0326nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000