Multiple Cross-Site Scripting Vulnerabilities in Sun Java System Portal Server
CVE-2009-4187

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Portal Server
Vendor: CVE Published:; 3 December 2009

Summary

The Gateway component of Sun Java System Portal Server 6.3.1, 7.1, and 7.2 contains multiple vulnerabilities that permit remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. These vulnerabilities can lead to unauthorized access and manipulation of user data, making it critical for organizations using these versions to implement proper security measures to mitigate potential attacks.

References

http://securitytracker.com/id?1023260

vdb-entryx_refsource_SECTRACK

http://sunsolve.sun.com/search/document.do?assetkey=1-21-...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/37186

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 3, 2009