Show plain JSON{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-05-05T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20090505 [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503236/100/0/threaded"}, {"name": "258528", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258528-1"}, {"name": "[dev] 20090319 [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.nabble.com/-DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p22595435.html"}, {"name": "54254", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54254"}, {"name": "[cvs] 20090322 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/configuration/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29675"}, {"name": "54256", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54256"}, {"name": "[dev] 20090411 Re: [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.nabble.com/Re:--DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p23002524.html"}, {"name": "54250", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54250"}, {"name": "54253", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54253"}, {"name": "54257", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54257"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29669"}, {"name": "glassfish-jsa-admininterface-xss(50453)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50453"}, {"name": "JVNDB-2009-000027", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000027.html"}, {"name": "ADV-2009-1255", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1255"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/java/com/sun/enterprise/tools/admingui/handlers/CommonHandlers.java", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29668"}, {"name": "54252", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54252"}, {"name": "54255", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54255"}, {"tags": ["x_refsource_MISC"], "url": "http://dsecrg.com/pages/vul/show.php?id=134"}, {"name": "54249", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54249"}, {"name": "JVN#73653977", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN73653977/index.html"}, {"name": "54251", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/54251"}, {"name": "34824", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34824"}, {"name": "34914", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34914"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1553", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090505 [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503236/100/0/threaded"}, {"name": "258528", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258528-1"}, {"name": "[dev] 20090319 [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "refsource": "MLIST", "url": "http://www.nabble.com/-DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p22595435.html"}, {"name": "54254", "refsource": "OSVDB", "url": "http://osvdb.org/54254"}, {"name": "[cvs] 20090322 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/configuration/", "refsource": "MLIST", "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29675"}, {"name": "54256", "refsource": "OSVDB", "url": "http://osvdb.org/54256"}, {"name": "[dev] 20090411 Re: [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "refsource": "MLIST", "url": "http://www.nabble.com/Re:--DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p23002524.html"}, {"name": "54250", "refsource": "OSVDB", "url": "http://osvdb.org/54250"}, {"name": "54253", "refsource": "OSVDB", "url": "http://osvdb.org/54253"}, {"name": "54257", "refsource": "OSVDB", "url": "http://osvdb.org/54257"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/", "refsource": "MLIST", "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29669"}, {"name": "glassfish-jsa-admininterface-xss(50453)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50453"}, {"name": "JVNDB-2009-000027", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000027.html"}, {"name": "ADV-2009-1255", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1255"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/java/com/sun/enterprise/tools/admingui/handlers/CommonHandlers.java", "refsource": "MLIST", "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29668"}, {"name": "54252", "refsource": "OSVDB", "url": "http://osvdb.org/54252"}, {"name": "54255", "refsource": "OSVDB", "url": "http://osvdb.org/54255"}, {"name": "http://dsecrg.com/pages/vul/show.php?id=134", "refsource": "MISC", "url": "http://dsecrg.com/pages/vul/show.php?id=134"}, {"name": "54249", "refsource": "OSVDB", "url": "http://osvdb.org/54249"}, {"name": "JVN#73653977", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN73653977/index.html"}, {"name": "54251", "refsource": "OSVDB", "url": "http://osvdb.org/54251"}, {"name": "34824", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34824"}, {"name": "34914", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34914"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:20:33.751Z"}, "title": "CVE Program Container", "references": [{"name": "20090505 [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503236/100/0/threaded"}, {"name": "258528", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258528-1"}, {"name": "[dev] 20090319 [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.nabble.com/-DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p22595435.html"}, {"name": "54254", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54254"}, {"name": "[cvs] 20090322 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/configuration/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29675"}, {"name": "54256", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54256"}, {"name": "[dev] 20090411 Re: [DSECRG] Sun Glassfish Multiple Security Vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.nabble.com/Re:--DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p23002524.html"}, {"name": "54250", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54250"}, {"name": "54253", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54253"}, {"name": "54257", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54257"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/docroot/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29669"}, {"name": "glassfish-jsa-admininterface-xss(50453)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50453"}, {"name": "JVNDB-2009-000027", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000027.html"}, {"name": "ADV-2009-1255", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1255"}, {"name": "[cvs] 20090320 CVS update [SJSAS91_FCS_BRANCH]: /glassfish/admin-gui/src/java/com/sun/enterprise/tools/admingui/handlers/CommonHandlers.java", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://glassfish.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=29668"}, {"name": "54252", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54252"}, {"name": "54255", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54255"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://dsecrg.com/pages/vul/show.php?id=134"}, {"name": "54249", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54249"}, {"name": "JVN#73653977", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN73653977/index.html"}, {"name": "54251", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/54251"}, {"name": "34824", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34824"}, {"name": "34914", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34914"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1553", "datePublished": "2009-05-06T16:00:00", "dateReserved": "2009-05-06T00:00:00", "dateUpdated": "2024-08-07T05:20:33.751Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}