Описание
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
Ссылки
- Vendor Advisory
- Patch
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sun:java_system_access_manager:7.0:*:linux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:hp-ux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:solaris_sparc:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:solaris_x86:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:windows:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:hp-ux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:linux:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_sparc:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_x86:*:*:*:*:*
cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*
EPSS
Процентиль: 52%
0.00293
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
EPSS
Процентиль: 52%
0.00293
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79