Unrated severityNVD Advisory· Published Oct 24, 2006· Updated Jun 16, 2026
CVE-2006-5486
CVE-2006-5486
Description
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:iplanet_messaging_server:5.2:*:*:*:*:*:*:*
- (no CPE)range: =5.2
cpe:2.3:a:sun:java_system_messaging_server:6.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sun:java_system_messaging_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_messaging_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_messaging_server:6.2:*:*:*:*:*:*:*
- (no CPE)range: >=6.0 <=6.2
Patches
Vulnerability mechanics
References
6- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- secunia.com/advisories/22575nvdVendor Advisory
- securitytracker.com/idnvd
- www.securityfocus.com/bid/20708nvd
- www.vupen.com/english/advisories/2006/4183nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29806nvd
News mentions
0No linked articles in our index yet.