CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4456
https://notcve.org/view.php?id=CVE-2010-4456
19 Jan 2011 — Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. Vulnerabilidad no especificada en Oracle Sun Java System Communications Express v6.2 y v6.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con la Web de correo. • http://osvdb.org/70586 •
CVSS: 6.1EPSS: 9%CPEs: 6EXPL: 5CVE-2009-1729 – Sun Java System Communications Express 6.3 - 'search.xml' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-1729
21 May 2009 — Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados - XSS - en Sun Java System Communications Exp... • https://www.exploit-db.com/exploits/32863 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •