CVE-2009-2283
Sun Java Web Console 3.0.2-3.0.5 - Cross-Site Scripting in Help JSP Scripts
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (4)
Core 4
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262428-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35597
Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020659.1-1
Patch x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-136987-03-1
Scores
EPSS
0.0020
EPSS Percentile
41.8%
Details
CWE
CWE-79
Status
published
Products (5)
sun/java_web_console
3.0.2 (6 CPE variants)
sun/java_web_console
3.0.3 (5 CPE variants)
sun/java_web_console
3.0.4 (5 CPE variants)
sun/java_web_console
3.0.5 (5 CPE variants)
sun/solaris
10 (2 CPE variants)
Published
Jul 01, 2009
Tracked Since
Feb 18, 2026