Cross-Site Scripting Vulnerability in Sun ONE Application Server and Java Systems
CVE-2006-3225

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
26 June 2006

Summary

This vulnerability allows remote attackers to inject arbitrary HTML or web scripts into affected installations of Sun ONE Application Server and Java System Application Server. The exploitation of this flaw can lead to unauthorized access, data theft, or manipulation of web content. The vulnerability exists due to insufficient validation of user-supplied inputs, making it essential for users to apply the latest updates to mitigate potential risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.