Cross-site Scripting Vulnerability in Sun Java System Messaging Server
CVE-2006-5486

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Messaging Server
Iplanet Messaging Server
Vendor
CVE Published:
24 October 2006

What is CVE-2006-5486?

A cross-site scripting (XSS) vulnerability exists in the Webmail component of the Sun Java System Messaging Server and the iPlanet Messaging Server. This flaw permits remote attackers to inject and execute arbitrary JavaScript code through specially crafted email messages. Effective exploitation can lead to unauthorized actions being performed on behalf of users, potentially jeopardizing sensitive data and compromising the integrity of session tokens.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/20708
vdb-entryx_refsource_BID
http://securitytracker.com/id?1017113
vdb-entryx_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-26-...
vendor-advisoryx_refsource_SUNALERT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.