Cross-Site Scripting Vulnerability in Sun ONE and Java System Web Servers
CVE-2006-2501
Currently unrated
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 20 May 2006
Summary
A cross-site scripting (XSS) vulnerability exists in the Sun ONE Web Server and Java System Web Server, as well as their respective application servers. This flaw could permit remote attackers to inject potentially malicious web scripts or HTML through unknown attack vectors, possibly taking advantage of vulnerabilities in error messages displayed by the servers. Successful exploitation of this vulnerability could lead to unauthorized actions and data exposure for users interacting with the affected web applications.
References
EPSS Score
6% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved