The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102909 Cross-site Scripting Vulnerability in Sun Java System Messaging Server

Guest Author
Product: Sun Java System Messaging Server 6.0, Sun Java System Messaging Server 6.3

A Cross Site Scripting (CSS or XSS) vulnerability in the Sun Java System Messaging Server may allow an unprivileged remote user the ability to execute arbitrary JavaScript commands in a client user's Internet Explorer web browser. This may allow the remote user to steal cookie information, hijack sessions, or cause a loss of data privacy.

Additional information about cross-site scripting and web script vulnerabilities can be found at the following URLs:

Avoidance: Patch
State: Resolved
First released: 23-May-2007

Join the discussion

Comments ( 1 )
  • Fred Batty Wednesday, September 12, 2007

    Fixed in versions:
    6.2-9.02 125813,125814-02,125815-02
    6.3-1.02 120228,120229-18,120230-18

Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.