CVE-2008-0239 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp.

Reference

http://secunia.com/advisories/28356
http://securityreason.com/securityalert/3535
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1
http://www.procheckup.com/Vulnerability_PR07-06.php
http://www.procheckup.com/Vulnerability_PR07-07.php
http://www.procheckup.com/Vulnerability_PR07-08.php
http://www.procheckup.com/Vulnerability_PR07-09.php
http://www.securityfocus.com/archive/1/486076/100/0/threaded
http://www.securityfocus.com/bid/27214
http://www.securitytracker.com/id?1019175
http://www.vupen.com/english/advisories/2008/0089
https://exchange.xforce.ibmcloud.com/vulnerabilities/39580
https://exchange.xforce.ibmcloud.com/vulnerabilities/39581
https://exchange.xforce.ibmcloud.com/vulnerabilities/39582
https://exchange.xforce.ibmcloud.com/vulnerabilities/39583
