XSS Vulnerability in iPlanet Web Server 4.x from Sun Microsystems
CVE-2007-0183

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
12 January 2007

Summary

A cross-site scripting (XSS) vulnerability exists in the iPlanet Web Server 4.x, allowing remote attackers to inject arbitrary web script or HTML code via the NS-max-records parameter in the /search functionality. This flaw can expose users to potential malware or phishing attacks if exploited, as it may allow the attacker to manipulate web content and steal sensitive information.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.