Cross-Site Scripting Vulnerability in Sun Java System Web Proxy Server
CVE-2007-6571

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Web Server; Java System Web Proxy Server
Vendor: CVE Published:; 28 December 2007

Summary

The Sun Java System Web Proxy Server version 3.6 prior to SP11 on Windows is susceptible to a cross-site scripting vulnerability that enables remote attackers to execute arbitrary web scripts or inject HTML through unspecified vectors. This flaw poses a risk as it allows attackers to manipulate web content seen by users, potentially leading to unauthorized data access, phishing, and other malicious activities.

References

http://www.securityfocus.com/bid/26978

vdb-entryx_refsource_BID

http://secunia.com/advisories/28216

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Dec 28, 2007
Vulnerability Reserved
Dec 28, 2007