Web application abuses : Sun Java Web Console Multiple XSS Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800826

Categoría: Web application abuses

Título: Sun Java Web Console Multiple XSS Vulnerabilities

Resumen: Java Web Console is prone to Multiple Cross-Site Scripting Vulnerabilities.

Descripción: Summary:
Java Web Console is prone to Multiple Cross-Site Scripting Vulnerabilities.

Vulnerability Insight:
Errors in help jsp script that is not properly sanitising input data before
being returned to the user, which can be exploited to cause web script or HTML code injection.

Vulnerability Impact:
Successful exploitation will let the remote attacker to execute arbitrary HTML
and script code in a user's browser session in the context of an affected site.

Affected Software/OS:
Sun Java Web Console version 3.0.2 to 3.0.5.

Solution:
Apply the update from the referenced advisory.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2283
http://secunia.com/advisories/35597
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020659.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262428-1

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800826
Categoría:	Web application abuses
Título:	Sun Java Web Console Multiple XSS Vulnerabilities
Resumen:	Java Web Console is prone to Multiple Cross-Site Scripting Vulnerabilities.
Descripción:	Summary: Java Web Console is prone to Multiple Cross-Site Scripting Vulnerabilities. Vulnerability Insight: Errors in help jsp script that is not properly sanitising input data before being returned to the user, which can be exploited to cause web script or HTML code injection. Vulnerability Impact: Successful exploitation will let the remote attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Affected Software/OS: Sun Java Web Console version 3.0.2 to 3.0.5. Solution: Apply the update from the referenced advisory. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2283 http://secunia.com/advisories/35597 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020659.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-262428-1
Copyright	Copyright (C) 2009 Greenbone AG