Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Glassfish Enterprise Server管理控制台多个跨站脚本漏洞
Vulnerability Description
Sun GlassFish Enterprise Server是供GlassFish社区使用的综合支持服务,是用于构建和部署下一代应用程序和服务的开源和开放社区平台。 GlassFish Enterprise Server的管理控制台没有正确地验证URL字符串和GET请求参数,远程攻击者可以通过向服务器提交恶意请求执行跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A