Description
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.
Affected products
- sun / iplanet_messaging_server5.2 – 5.2
- sun / java_system_messaging_server6.0 – 6.0
- sun / java_system_messaging_server6.1 – 6.1
- sun / java_system_messaging_server6.2 – 6.2
References
- MISChttp://www.securityfocus.com/bid/20708
- MISChttp://securitytracker.com/id?1017113
- MISChttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102497-1
- VENDOR_ADVISORYhttp://secunia.com/advisories/22575
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4183
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/29806