CVE-2010-1227
CVE-2010-1227 describes a cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 that allows remote attackers to inject arbitrary Web script or HTML via the subject field of a message, demonstrated by a subject containing an IMG element whose SRC attribute ...