Cross-Site Scripting Issue in Sun Java System Portal Server
CVE-2008-6192

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Portal Server
Vendor: CVE Published:; 19 February 2009

What is CVE-2008-6192?

Multiple cross-site scripting (XSS) vulnerabilities exist in unspecified Portlets within Sun Java System Portal Server versions 7.0 and 7.1. These vulnerabilities enable remote attackers to inject arbitrary web scripts or HTML through unknown vectors, potentially compromising the security of web applications and user data.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securityfocus.com/bid/30738

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/2404

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Feb 19, 2009
Vulnerability Reserved
Feb 19, 2009

Oracle

What is CVE-2008-6192?

References

Timeline