Unrated severityNVD Advisory· Published Mar 8, 2008· Updated Jun 16, 2026
CVE-2008-1204
CVE-2008-1204
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
Affected products
11cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:hp-ux:*:*:*:*:*+ 10 more
- cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:hp-ux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:solaris_sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:solaris_x86:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.0_2005q4:*:windows:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.0:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:hp-ux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:solaris_x86:*:*:*:*:*
- cpe:2.3:a:sun:java_system_access_manager:7.1:*:windows:*:*:*:*:*
- (no CPE)range: 7.1, 7 2005Q4
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.