Unrated severityNVD Advisory· Published Jun 26, 2006· Updated Apr 16, 2026

CVE-2006-3225

Description

Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.

Affected products

Sun Corporation/Java System Application Server2 versions
cpe:2.3:a:sun:java_system_application_server:8.1:*:enterprise:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:java_system_application_server:8.1:*:enterprise:*:*:*:*:*
- cpe:2.3:a:sun:java_system_application_server:*:ur4:*:*:*:*:*:*range: <=7.0
Sun Corporation/One Application Server
cpe:2.3:a:sun:one_application_server:*:update_8:*:*:*:*:*:*
Range: <=7.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000