Unrated severityNVD Advisory· Published May 26, 2009· Updated Jun 16, 2026
CVE-2009-1796
CVE-2009-1796
Description
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page.
Affected products
13cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:6.3.1:*:x86:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.1:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.1:*:sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.1:*:x86:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.2:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.2:*:sparc:*:*:*:*:*
- cpe:2.3:a:sun:java_system_portal_server:7.2:*:x86:*:*:*:*:*
- (no CPE)range: 6.3.1, 7.1, 7.2
Patches
Vulnerability mechanics
References
8- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- sunsolve.sun.com/search/document.donvdPatchVendor Advisory
- www.securityfocus.com/bid/35082nvdPatch
- osvdb.org/54705nvd
- secunia.com/advisories/35221nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2009/1411nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/50704nvd
News mentions
0No linked articles in our index yet.