CVE-2008-0239
CVE-2008-0239
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
exploitdbwww.exploit-db.com/exploits/31005no verificadoexploitdbwww.exploit-db.com/exploits/31004no verificadoexploitdbwww.exploit-db.com/exploits/31007no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/28356http://securityreason.com/securityalert/3535https://exchange.xforce.ibmcloud.com/vulnerabilities/39580https://exchange.xforce.ibmcloud.com/vulnerabilities/39581https://exchange.xforce.ibmcloud.com/vulnerabilities/39582https://exchange.xforce.ibmcloud.com/vulnerabilities/39583http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1http://sunsolve.sun.com/search/document.do?assetkey=1-66-200558-1http://www.procheckup.com/Vulnerability_PR07-06.phphttp://www.procheckup.com/Vulnerability_PR07-07.phphttp://www.procheckup.com/Vulnerability_PR07-08.phphttp://www.procheckup.com/Vulnerability_PR07-09.php