:A vulnerability has been reported in various Hitachi Cosminexus products, which can be exploited by malicious people to conduct cross-site scripting attacks.The vulnerability is caused due to an error within the javadoc command of the Cosminexus Developer’s Kit for Java component when generating HTML documentation pages and can potentially be exploited to conduct cross-site scripting attacks on a website that hosts the generated documentation.See the vendor’s advisory for a list of affected products.The vulnerability may be related to:SA25769Solution:Update to a fixed version. See the vendor’s advisory for details or contact a Hitachi support service representative.Provided and/or discovered by:Reported by the vendor. Reported in Sun JDK JavaDoc by Martin Straka.Original Advisory:http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.htmlOther References:SA25769:http://secunia.com/advisories/25769/

Original post by manisha