3 matches found
CVE-2008-2518
CVE-2008-2518 is an XSS vulnerability in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3, affecting the advanced search (webapps/search/advanced.jsp). The underlying issue is an HTML/script injection via unspecified vectors (likely related to the next parameter). Exploitation de...
CVE-2008-2166
CVE-2008-2166 affects Sun Java System Web Server 6.1 (pre-SP9) and 7.0 (pre-Update 2). The issue is a cross-site scripting vulnerability in the Search module (index.jsp) caused by insufficient input sanitization, enabling remote injection of arbitrary script/HTML. The connected documents provide ...
CVE-2008-2120
CVE-2008-2120 is an information-disclosure vulnerability in Sun Java System Application Server 7 (2004Q2) before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 that allows remote attackers to obtain the source code of JSP files via unknown vectors. Affected components are...