Cross-Site Scripting Vulnerability in Sun Java System Access Manager
CVE-2009-2268

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Access Manager
Vendor: CVE Published:; 1 July 2009

Summary

The Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager has a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML into web pages. This vulnerability can be exploited through unspecified vectors, potentially compromising the security and integrity of web applications reliant on the affected versions of the software.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-21-...

x_refsource_CONFIRM

http://secunia.com/advisories/35651

third-party-advisoryx_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Jul 1, 2009
Vulnerability Reserved
Jul 1, 2009