Cross-Site Scripting Vulnerabilities in Sun Java System Access Manager
CVE-2007-0628

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Access Manager
Vendor
CVE Published:
31 January 2007

What is CVE-2007-0628?

Multiple cross-site scripting (XSS) vulnerabilities exist within Sun Java System Access Manager, specifically in versions 6.1, 6.2, 6 2005Q1, and 7 2005Q4. These weaknesses enable remote attackers to inject arbitrary web scripts or HTML via parameters such as 'goto' or 'gx-charset'. Exploiting these vulnerabilities can allow attackers to manipulate the content displayed to users, potentially leading to data theft, session hijacking, or further exploitation of user accounts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2007/0411
vdb-entryx_refsource_VUPEN
http://securitytracker.com/id?1017570
vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/23979
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.