Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2008-5266 - Vulnerability Database
GlassFish

GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2008-5266

Medium
Reference: CVE-2008-5266
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-5266
Title: GlassFish Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter a different vector than CVE-2008-2751.