Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Java System Communications Express跨站脚本攻击漏洞
Vulnerability Description
Sun Java System Communications Express为Sun Java通讯套件提供了WEB客户端,允许通过浏览器管理邮件、日历、任务等。 Sun Java System Communications Express 6.2和6.3版本中存在跨站脚本攻击漏洞。远程攻击者可借助消息的主题字段注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A