Java System Web Server Security Vulnerabilities and Issues — Java System Web Server CVE List

Lucene search

SunJava System Web Server

3 matches found

CVE•added 2008/06/03 2:32 p.m.•39 views

CVE-2008-2518

Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter...

4.3CVSS5.5AI score0.00529EPSS

CVE•added 2008/05/13 8:20 p.m.•37 views

CVE-2008-2166

Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.

4.3CVSS5.4AI score0.00529EPSS

CVE•added 2008/05/09 3:20 p.m.•34 views

CVE-2008-2120

Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.

5CVSS6.8AI score0.00638EPSS