Cross-Site Scripting Flaw in Sun Java System Messaging Server 6.2 and 6.3
CVE-2008-5098

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Messaging Server
Vendor: CVE Published:; 17 November 2008

What is CVE-2008-5098?

An XSS vulnerability exists in Sun Java System Messaging Server versions 6.2 and 6.3, permitting remote attackers to inject arbitrary web scripts or HTML into the server through unspecified vectors. This vulnerability poses a risk to users by allowing unauthorized script execution in the context of the web application, potentially leading to data theft or user impersonation.

References

http://securitytracker.com/id?1021223

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/46583

vdb-entryx_refsource_XF

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2008
Vulnerability Reserved
Nov 17, 2008

Oracle

What is CVE-2008-5098?

References

Timeline