Cross-Site Scripting Vulnerabilities in Sun Java System Access Manager Administration Console
CVE-2008-1204

Currently unrated

Key Information:

Vendor
Oracle
Status
Java System Access Manager
Vendor
CVE Published:
8 March 2008

Summary

The Administration Console of Sun Java System Access Manager versions 7.1 and 7 2005Q4 has multiple cross-site scripting (XSS) vulnerabilities. These flaws allow remote attackers to inject arbitrary web scripts or HTML, potentially compromising user data and sessions. The vulnerabilities are specifically related to the Help and Version windows within the console, which can be exploited through unspecified vectors, making it essential for organizations to implement security measures and updates.

References

http://www.securityfocus.com/bid/28113
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/41024
vdb-entryx_refsource_XF
http://secunia.com/advisories/29252
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.