Release DateAug 18, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt to exploit a Cross Site Scripting (XSS) vulnerability in Oracle GlassFish Server.The vulnerability is a result of the application's failure to properly sanitize input. As a result, a remote attacker can execute arbitrary script code within the context of the user. |
Affected ProductsOracle GlassFish 2.1.1 |
Recommended ActionsApply the patch available from the website.http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-2260 |
