6 matches found
SuSE 11 Security Update : Websphere Community Edition (SAT Patch Number 1016)
This update of WebSphere fixes the following vulnerabilities : - GERONIMO-3838: close potential denial of service attack - fix Apache Geronimo web administration console directory traversal vulnerabilities. CVE-2008-5518 - fix Apache Geronimo web administration console XSS vulnerabilities...
SLES10: Security update for Websphere Community Edition
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: websphere-asce More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references. SPDX-FileCopyrightText:...
SuSE 10 Security Update : Websphere Community Edition (ZYPP Patch Number 6312)
This update of WebSphere fixes the following vulnerabilities : - GERONIMO-3838: close potential denial of service attack - fix Apache Geronimo web administration console directory traversal vulnerabilities. CVE-2008-5518 - fix Apache Geronimo web administration console XSS vulnerabilities...
CVE-2009-0038
Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...
CVE-2009-0038
CVE-2009-0038 refers to multiple cross-site scripting (XSS) vulnerabilities in the Apache Geronimo web administration console (versions 2.1 to 2.1.3). The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via parameters (name, ip, username, description) to console/port...
Apache Geronimo Cross Site Scripting
Original advisory http://dsecrg.com/pages/vul/show.php?id=119 Digital Security Research Group DSecRG Advisory DSECRG-09-019 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Multiple XSS Vulnerabilities Exploits: YES...