5 matches found
Glassfish Enterprise Server 2.1 Admin Console /sysnet/registration.jsf URI XSS
No description provided by source. source: http://www.securityfocus.com/bid/34824/info GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would run in the conte...
GlassFish Enterprise Server Multiple Cross Site Scripting Vulnerabilities
GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based...
CVE-2009-1553
Multiple cross-site scripting XSS vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 applications/applications.jsf, 2 configuration/configuration.jsf, 3 customMBeans/customMBeans.jsf, ...
CVE-2009-1553
Multiple cross-site scripting XSS vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to 1 applications/applications.jsf, 2 configuration/configuration.jsf, 3 customMBeans/customMBeans.jsf, ...
CVE-2009-1553
CVE-2009-1553 covers multiple XSS vulnerabilities in Sun GlassFish Enterprise Server 2.1 Admin Console. Vulnerable components: admin JSF endpoints (applications.jsf, configuration.jsf, customMBeans.jsf, resourceNode/resources.jsf, sysnet/registration.jsf, webService/webServicesGeneral.jsf) and na...