Description: A vulnerability has been reported in Sun Java System Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Unspecified input is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
Solution: Apply patches.
-- SPARC Platform --
Sun ONE Application Server 7:
Apply update 9 or later.
Sun Java System Application Server 7 2004Q2:
Apply update 5 or later.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.