Cross-Site Scripting Vulnerability in Sun Java System Web Server
CVE-2008-2166

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Web Server
Vendor
CVE Published:
13 May 2008

What is CVE-2008-2166?

A vulnerability exists in the search module of Sun Java System Web Server, affecting versions 6.1 prior to SP9 and 7.0 prior to Update 2. This flaw enables remote attackers to inject arbitrary web scripts or HTML by manipulating unknown parameters in the index.jsp file. Successful exploitation can lead to unauthorized actions taken on behalf of a user, impacting the security of web applications that leverage this server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/30133
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/29087
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2008/1455/references
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.