Sun Java Identity Manager VulnerabilitiesMSI

Sun released two advisories today. The first details Coss-Site Scripting vulnerabilites in Sun Java System Identity Manager. They consist of input validation errors in the parameters “cntry” and “lang” of /idm/login.jsp, the “resultsForm” parameter of /idm/account/findForSelect.jsp and the “helpUrl” parameter of /idm/help/index.jsp. The original advisory can be found at:http://sunsolve.sun.com/search/document.do?assetkey=1-26-103180-1

The second involves

MSI :: State of Security

Insight from the Information Security Experts

Sun Java Identity Manager Vulnerabilities

Leave a Reply