Description
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751.
Remediation
References
Related Vulnerabilities
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2024-25605)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607)
WordPress Plugin Music Store Cross-Site Scripting (1.0.41)
Django Improper Access Control Vulnerability (CVE-2016-2048)
Joomla Improper Input Validation Vulnerability (CVE-2015-8562)