VYPR
Unrated severityNVD Advisory· Published Jan 31, 2007· Updated Jun 16, 2026

CVE-2007-0628

CVE-2007-0628

Description

Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information.

Affected products

5
  • cpe:2.3:a:sun:java_system_access_manager:6.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:sun:java_system_access_manager:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_access_manager:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_access_manager:6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sun:java_system_access_manager:7.0:*:*:*:*:*:*:*
    • (no CPE)range: 6.1, 6.2, 6 2005Q1 (6.3), 7 2005Q4 (7.0) before 20070129

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.