Page 6 of 51 results (0.004 seconds)
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0CVE-2009-2405 – JBoss Application Server Web Console XSS
https://notcve.org/view.php?id=CVE-2009-2405
15 Dec 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML via the (1) monitorName, (2) objectName, (3) attribute, or (4) period parameter to createSnapshot.jsp, or the (5) monitorName, (6) objectName, (7) attribute, (8) threshold, (9) period, or (10) enabled parameter... • http://secunia.com/advisories/35680 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •