|Improper Input Validation|
|Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')|
|Vulnerability||Severity Score||Release Date||Summary|
|CVE-2007-5810||5.0||Nov. 5, 2007||
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature.
|CVE-2007-5809||4.3||Nov. 5, 2007||
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.