Cross-Site Scripting Vulnerability in iPlanet Messaging Server and Sun ONE Messaging Server
CVE-2005-2022

Currently unrated

Key Information:

Vendor: Oracle
Status: Iplanet Messaging Server; One Messaging Server
Vendor: CVE Published:; 17 June 2005

What is CVE-2005-2022?

An unidentified vulnerability exists in the Webmail feature of iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2. This flaw allows remote attackers to exploit the system by executing arbitrary JavaScript, potentially compromising user data and session integrity via crafted input. It emphasizes the need for immediate mitigation to protect sensitive information from unauthorized access.

References

http://www.vupen.com/english/advisories/2005/0816

vdb-entryx_refsource_VUPEN

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability Reserved
Jun 21, 2005
Vulnerability published
Jun 17, 2005

Oracle

What is CVE-2005-2022?

References

Timeline