Candidate: CVE-2009-1380
PublicDate: 2009-12-15 18:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1380
Description:
 Cross-site scripting (XSS) vulnerability in JMX-Console in JBossAs in Red
 Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2
 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 allows remote attackers to
 inject arbitrary web script or HTML via the filter parameter, related to
 the key property and the position of quote and colon characters.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_jbossas4:
upstream_jbossas4: released (4.2.0.CP08, 4.3.0.CP07)
dapper_jbossas4: DNE
gutsy_jbossas4: DNE
hardy_jbossas4: not-affected (4.2.2.GA-1)
intrepid_jbossas4: not-affected (4.2.2.GA-5ubuntu2)
jaunty_jbossas4: not-affected (4.2.3.GA-1)
karmic_jbossas4: not-affected (4.2.3.GA-1)
devel_jbossas4: not-affected (4.2.3.GA-1ubuntu1)