Lucene search
RedhatCVELIST:CVE-2009-1380HistoryDec 15, 2009 - 6:00 p.m.
CVE-2009-1380
2009-12-1518:00:00
redhat
www.cve.org
7
Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to inject arbitrary web script or HTML via the filter parameter, related to the key property and the position of quote and colon characters.
References
secunia.com/advisories/37671
securitytracker.com/id?1023315
www.securityfocus.com/bid/37276
bugzilla.redhat.com/show_bug.cgi?id=511224
exchange.xforce.ibmcloud.com/vulnerabilities/54698
jira.jboss.org/jira/browse/JBPAPP-1983
rhn.redhat.com/errata/RHSA-2009-1636.html
rhn.redhat.com/errata/RHSA-2009-1637.html
rhn.redhat.com/errata/RHSA-2009-1649.html
rhn.redhat.com/errata/RHSA-2009-1650.html
Related
cve
cve
CVE-2009-1380
2009-12-15 18:30:00
ubuntucve
ubuntucve
CVE-2009-1380
2009-12-15 00:00:00
prion
prion
Cross site scripting
2009-12-15 18:30:00
nvd
nvd
CVE-2009-1380
2009-12-15 18:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:37:32
seebug
seebug
JBoss企业应用平台多个安全漏洞
2009-12-14 00:00:00
nessus
nessus
RHEL 4 : JBoss EAP (RHSA-2009:1636)
2013-01-24 00:00:00
RHEL 5 : JBoss EAP (RHSA-2009:1649)
2013-01-24 00:00:00
RHEL 4 : JBoss EAP (RHSA-2009:1637)
2013-01-24 00:00:00
redhat
redhat