CVE-2007-0628
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 6.3, and 7 2005Q4 7.0 before 20070129 allow remote attackers to inject arbitrary web script or HTML via the 1 goto or 2 gx-charset parameter. NOTE: some of these details are obtained from third...