/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun java system identity manager 7.1 |
||
sun java system identity manager 6.0 |
||
sun java system identity manager 7.0 |