VYPR
Unrated severityNVD Advisory· Published May 20, 2006· Updated Jun 16, 2026

CVE-2006-2501

CVE-2006-2501

Description

Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23
  • cpe:2.3:a:sun:java_system_application_server:*:ur2:enterprise:*:*:*:*:*+ 9 more
    • cpe:2.3:a:sun:java_system_application_server:*:ur2:enterprise:*:*:*:*:*range: <=7.0
    • cpe:2.3:a:sun:java_system_application_server:*:ur2:standard:*:*:*:*:*range: <=7.0
    • cpe:2.3:a:sun:one_application_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:6.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:7.0:*:platform:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:7.0:*:standard:*:*:*:*:*
    • cpe:2.3:a:sun:one_application_server:*:update_6:platform:*:*:*:*:*range: <=7.0
    • cpe:2.3:a:sun:one_application_server:*:update_6:standard:*:*:*:*:*range: <=7.0
    • (no CPE)range: <=7 2004Q2 Standard/Enterprise Edition Update 2
  • cpe:2.3:a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_server:6.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_server:6.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_server:6.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_web_server:*:sp4:*:*:*:*:*:*range: <=6.1
    • (no CPE)range: <=6.1 SP4
  • cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_web_server:6.0:sp7:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_web_server:6.0:sp8:*:*:*:*:*:*
    • cpe:2.3:a:sun:one_web_server:*:sp9:*:*:*:*:*:*range: <=6.0
    • (no CPE)range: <=6.0 SP9

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.