4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
jboss is vulnerable to cross-site scripting (XSS). The vulnerability exists as an attacker could use these flaws to present misleading data to an authenticated user, or execute arbitrary scripting code in the context of the authenticated user’s browser session.
secunia.com/advisories/35680
secunia.com/advisories/37671
securitytracker.com/id?1023315
www.osvdb.org/60898
www.osvdb.org/60899
www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/
www.redhat.com/security/updates/classification/#moderate
www.securityfocus.com/bid/37276
access.redhat.com/errata/RHSA-2009:1636
access.redhat.com/errata/RHSA-2009:1637
access.redhat.com/errata/RHSA-2009:1649
access.redhat.com/errata/RHSA-2009:1650
access.redhat.com/security/cve/CVE-2009-2405
bugzilla.redhat.com/show_bug.cgi?id=510023
exchange.xforce.ibmcloud.com/vulnerabilities/54700
jira.jboss.org/jira/browse/JBAS-7105
jira.jboss.org/jira/browse/JBPAPP-2274
jira.jboss.org/jira/browse/JBPAPP-2284
rhn.redhat.com/errata/RHSA-2009-1636.html
rhn.redhat.com/errata/RHSA-2009-1637.html
rhn.redhat.com/errata/RHSA-2009-1649.html
rhn.redhat.com/errata/RHSA-2009-1650.html