3 matches found
CVE-2008-5266
CVE-2008-5266 is an XSS in GlassFish 2 UR2 webadmin (configuration/httpListenerEdit.jsf) of Sun Java System Application Server 9.1_01 (build b09d-fcs) and 9.1_02 (build b04-fcs). Remote attackers can inject arbitrary script via the name parameter. CVSS v2 base score 4.3 (AV:N/AC:M/Au:N/I:P/C:N/A:...
CVE-2008-2751
CVE-2008-2751 concerns multiple XSS vulnerabilities in the GlassFish 2 Sun Java System Application Server 9.1_01 webadmin interface. The disclosed vectors affect the JSF pages (resourceNode, applications, etc.) via numerous form fields (e.g., jndiProp, resTypeProp, factoryClassProp, descProp, nam...
CVE-2008-2120
CVE-2008-2120 is an information-disclosure vulnerability in Sun Java System Application Server 7 (2004Q2) before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 that allows remote attackers to obtain the source code of JSP files via unknown vectors. Affected components are...