Multiple XSS Vulnerabilities in Sun Java System Application Server 9.1_01
CVE-2008-2751

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
18 June 2008

Summary

The Sun Java System Application Server 9.1_01 contains multiple cross-site scripting (XSS) vulnerabilities in its Glassfish web administrative interface. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML content through specific parameters, potentially compromising the integrity and confidentiality of the application. Exploitation can occur via several input fields, enabling attackers to execute malicious scripts in the context of the user's session, which could lead to unauthorized actions and data leakage.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.