Cross-site scripting (XSS) vulnerability in ThemeServlet.java in Sun Woodstock 4.2, as used in Sun GlassFish Enterprise Server and other products, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 string in the PATH_INFO, which is displayed on the 404 error page, as demonstrated by the PATH_INFO to theme/META-INF.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
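The mechanism behind this entry, as an added illustration that is not the page's or Sun's code: an error page that echoes PATH_INFO without declaring a charset lets a browser sniff UTF-7, so an all-ASCII path decodes into markup, while escaping the value and pinning the charset stops it. The servlet handlers and the browser model are simplified reconstructions; the sample path is constructed.

```python
"""Model of a 404 page that echoes the request path. The handlers and the
browser charset model are assumptions for illustration, not ThemeServlet."""
import html
import re

# Constructed sample: UTF-7 encodes "<" as "+ADw-" and ">" as "+AD4-", so a
# byte-level filter for "<" and ">" never sees a tag in this path.
SAMPLE_PATH_INFO = "/theme/META-INF/+ADw-script+AD4-"


def vulnerable_404(path_info: str) -> tuple:
    """Echoes the path into the page with no charset on the Content-Type."""
    body = f"<html><body>Resource {path_info} not found</body></html>"
    return body.encode("ascii", "replace"), "text/html"


def hardened_404(path_info: str) -> tuple:
    """HTML-escapes the echoed value AND declares the charset explicitly."""
    body = f"<html><body>Resource {html.escape(path_info)} not found</body></html>"
    return body.encode("utf-8"), "text/html; charset=UTF-8"


def browser_text(body: bytes, content_type: str) -> str:
    """Minimal browser model: honour a declared charset; otherwise sniff, and
    treat ASCII containing UTF-7 shift sequences ('+...-') as UTF-7."""
    m = re.search(r"charset=([\w-]+)", content_type, re.I)
    if m:
        return body.decode(m.group(1))
    if re.search(rb"\+[A-Za-z0-9+/]+-", body):  # assumed sniffing heuristic
        return body.decode("utf-7")
    return body.decode("ascii", "replace")


def contains_script_tag(rendered: str) -> bool:
    """True when the text the browser would parse contains a script tag."""
    return "<script>" in rendered.lower()


def check_response(handler) -> bool:
    """Run a handler on the sample path and report whether markup got in."""
    body, ctype = handler(SAMPLE_PATH_INFO)
    return contains_script_tag(browser_text(body, ctype))
```

Running `check_response` on both handlers shows the vulnerable page yields a real script tag after UTF-7 sniffing, while the hardened page keeps the path as inert text.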
| Link | Tags |
|---|---|
| http://www.nabble.com/-DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p22595435.html | mailing list, exploit |
| http://www.securityfocus.com/bid/34829 | vdb entry, exploit |
| http://www.nabble.com/Re:--DSECRG--Sun-Glassfish-Multiple-Security-Vulnerabilities-p23002524.html | mailing list |
| http://www.securityfocus.com/archive/1/503239/100/0/threaded | mailing list |
| http://secunia.com/advisories/35006 | third party advisory |
| http://osvdb.org/54220 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50336 | vdb entry |
| https://woodstock.dev.java.net/servlets/ReadMsg?list=cvs&msgNo=4041 | mailing list, patch, vendor advisory |
| http://dsecrg.com/pages/vul/show.php?id=138 | exploit |