Описание
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_messaging_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_messaging_server:6.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_messaging_server:6.2:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0055
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.
EPSS
Процентиль: 67%
0.0055
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79