UBUNTU-CVE-2008-5266

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2008-5266
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2008/UBUNTU-CVE-2008-5266.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2008-5266
Upstream
  • CVE-2008-5266
Withdrawn
2025-08-01T19:34:09Z
Published
2008-11-28T19:00:00Z
Modified
2025-08-01T04:49:06Z
Severity
  • Ubuntu - low
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.101 build b09d-fcs and 9.102 build b04-fcs allows remote attackers to inject arbitrary web script or HTML via the name parameter, a different vector than CVE-2008-2751.

References

Affected packages

Ubuntu:Pro:16.04:LTS / glassfish

Package

Name
glassfish
Purl
pkg:deb/ubuntu/glassfish@1:2.1.1-b31g+dfsg1-3?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*
1:2.1.1-b31g+dfsg1-3

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2008/UBUNTU-CVE-2008-5266.json"

Ubuntu:Pro:18.04:LTS / glassfish

Package

Name
glassfish
Purl
pkg:deb/ubuntu/glassfish@1:2.1.1-b31g+dfsg1-4?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*
1:2.1.1-b31g+dfsg1-4

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2008/UBUNTU-CVE-2008-5266.json"