Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/account/findForSelect.jsp, or (3) activeControl parameter to /idm/user/main.jsp.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-01-11T22:00:00
Updated: 2018-10-15T20:57:01
Reserved: 2008-01-11T00:00:00
Link: CVE-2008-0239
JSON object: View
NVD Information
Status : Modified
Published: 2008-01-11T22:46:00.000
Modified: 2018-10-15T21:58:48.377
Link: CVE-2008-0239
JSON object: View
Redhat Information
No data.
CWE