Cross-Site Scripting Vulnerability in GlassFish Web Admin Interface by Sun Microsystems
CVE-2008-5266
Currently unrated
Summary
The GlassFish web administration interface, part of the Sun Java System Application Server, is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This occurs through manipulation of the 'name' parameter in the configuration/httpListenerEdit.jsf, providing a vector for potential exploitation that is distinct from other vulnerabilities. Organizations using the affected server builds must implement strategies to mitigate this risk to safeguard their systems against unauthorized access and malicious attacks.
References
Timeline
Vulnerability published
Vulnerability Reserved