Description

Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751.

Remediation

References

CVE-2008-5266

Related Vulnerabilities

WordPress Plugin Csv Import-Export Multiple Cross-Site Scripting Vulnerabilities (1.1.0)

WordPress 4.4.x Possible SQL Injection Vulnerability (4.4 - 4.4.11)

MySQL CVE-2018-2805 Vulnerability (CVE-2018-2805)

WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.7)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4340)

Severity

Medium

Classification

CVE-2008-5266 CWE-707

Tags

Missing Update Known Vulnerabilities