Cross-Site Scripting Vulnerability in GlassFish Web Admin Interface by Sun Microsystems
CVE-2008-5266

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Application Server
Glassfish Server
Vendor
CVE Published:
28 November 2008

What is CVE-2008-5266?

The GlassFish web administration interface, part of the Sun Java System Application Server, is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This occurs through manipulation of the 'name' parameter in the configuration/httpListenerEdit.jsf, providing a vector for potential exploitation that is distinct from other vulnerabilities. Organizations using the affected server builds must implement strategies to mitigate this risk to safeguard their systems against unauthorized access and malicious attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/4659
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/493243/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://webappsecurity.wordpress.com/2008/06/11/xss-glassf...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.