The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle jdk 1.5.0 |
||
oracle jdk 1.6.0 |