Security Advisory
CVE-2008-2166
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.