SUN » Java System Access Manager » 7.0_2005q4 hp-ux : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.22%
Published
2009-07-01
Updated
2010-05-25
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Max CVSS
6.0
EPSS Score
0.35%
Published
2009-01-16
Updated
2018-10-30
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-03-08
Updated
2017-08-08
3 vulnerabilities found