Cross-Site Scripting Vulnerability in Sun Java System Web Server
CVE-2008-2166

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
13 May 2008

Summary

A vulnerability exists in the search module of Sun Java System Web Server, affecting versions 6.1 prior to SP9 and 7.0 prior to Update 2. This flaw enables remote attackers to inject arbitrary web scripts or HTML by manipulating unknown parameters in the index.jsp file. Successful exploitation can lead to unauthorized actions taken on behalf of a user, impacting the security of web applications that leverage this server.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.