CVE-2008-1285
Sun Java Server Faces <1.2_08 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
References (14)
Scores
EPSS
0.0056
EPSS Percentile
67.9%
Classification
CWE
CWE-79
Status
draft
Affected Products (2)
sun/jsf
< 1.2_07
com.sun.faces/jsf-api
< 1.2.08Maven
Timeline
Published
Mar 11, 2008
Tracked Since
Feb 18, 2026