CVE-2008-6192

Опубликовано: 19 фев. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

Ссылки

http://secunia.com/advisories/31538
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239308-1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/30738
Patch
http://www.securitytracker.com/id?1020706
http://www.vupen.com/english/advisories/2008/2404
https://exchange.xforce.ibmcloud.com/vulnerabilities/44531
http://secunia.com/advisories/31538
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239308-1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/30738
Patch
http://www.securitytracker.com/id?1020706
http://www.vupen.com/english/advisories/2008/2404
https://exchange.xforce.ibmcloud.com/vulnerabilities/44531

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:java_system_portal_server:7.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00529

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-4j82-p3qw-wpgq

github

больше 3 лет назад