CVE-2009-0877

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Communications Express
Vendor: CVE Published:; 12 March 2009

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.

References

http://sosoblood.freehostia.com/SJSC/html_injection.gif

x_refsource_MISC

http://www.securityfocus.com/archive/1/501672/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/34083

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 12, 2009
Vulnerability Reserved
Mar 12, 2009