Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Communications Express多个跨站脚本漏洞
Vulnerability Description
Sun Java System Communications Express为Sun Java通讯套件提供了WEB客户端,允许通过浏览器管理邮件、日历、任务等。 Sun Java System Communications Express的https://<server>/uwc/abs/search.xml? 和http://<server>/uwc/base/UWCMain 文件中存在跨站脚本漏洞。如果远程攻击者向服务器提交了带有畸形参数的GET请求的话,就可以导致在用户浏览器会话中执行任意脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A