Cross-Site Scripting Vulnerability in GlassFish Web Admin Interface by Sun Microsystems
CVE-2008-5266

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
28 November 2008

Summary

The GlassFish web administration interface, part of the Sun Java System Application Server, is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This occurs through manipulation of the 'name' parameter in the configuration/httpListenerEdit.jsf, providing a vector for potential exploitation that is distinct from other vulnerabilities. Organizations using the affected server builds must implement strategies to mitigate this risk to safeguard their systems against unauthorized access and malicious attacks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.