XSS in Sun Java_system_web_proxy_server

CVE-2007-6572

Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.017 (73.6th percentile) — read the EPSS interpretation.

Affected products

Sun Java_system_web_proxy_server — versions 3.6, 4.0, 4.0.2
Sun Java_system_web_server — versions 6.0, 6.1, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (vendor-advisory, Patch, x_refsource_SUNALERT)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)