Sun Java Web Console Multiple XSS Vulnerabilities Network Vulnerability

Summary

The host is running Java Web Console and is prone to Multiple Cross-Site Scripting Vulnerabilities.

Impact

Successful exploitation will let the remote attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application

Solution

Apply patch from below link, http://sunsolve.sun.com/search/document.do?assetkey=1-66-262428-1

Insight

Errors in help jsp script that is not properly sanitising input data before being returned to the user, which can be exploited to cause web script or HTML code injection.

Affected

Sun Java Web Console version 3.0.2 to 3.0.5

References

http://secunia.com/advisories/35597
http://www.vupen.com/english/advisories/2009/1712

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-2283

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
@Mail 'MailType' Parameter Cross Site Scripting Vulnerability
Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
AbanteCart Multiple Cross-Site Scripting Vulnerabilities

Take action and discover your vulnerabilities