CVE Vulnerabilities

CVE-2007-0628

Published: Jan 31, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Java_system_access_manager Sun 6.2 6.2
Java_system_access_manager Sun 6.3 6.3
Java_system_access_manager Sun 7.0 7.0
Java_system_access_manager Sun 6.1 6.1

References