CVSS: 6.1EPSS: 0%CPEs: 26EXPL: 0CVE-2009-2268
https://notcve.org/view.php?id=CVE-2009-2268
01 Jul 2009 — Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el Cross-Domain Controller (CDC) servlet en Sun Java System Access Manager v6 2005Q1, v7 2005Q4, y v7.1, permite a atacantes remotos ejecutar secuencias de comandos web o HTML de su elección a t... • http://secunia.com/advisories/35651 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-2945
https://notcve.org/view.php?id=CVE-2008-2945
30 Jun 2008 — Sun Java System Access Manager 6.3 through 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715, CVE-2007-3716, and CVE-2007-4289. Sun Java System Access Manager 6.3 hasta 7.1 y Sun Java System Identity Server 6.1 y 6.2 no procesa adecuadamente hojas de estilo XSLT en transformaciones XSLT de firmas XML. • http://secunia.com/advisories/30893 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0628
https://notcve.org/view.php?id=CVE-2007-0628
31 Jan 2007 — Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en Sun Java System Access Manager versiones 6.1, 6.2, 6 2005Q1 (6.3) y 7 2005Q4 (7.0) anteriores a 20070129, permite a ataca... • http://osvdb.org/33010 •