本頁列出影響 sun java_system_portal_server 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2010-4431 | Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy. | [email protected] | 1.0 | 0.29% | 2011-01-19 | 2026-04-29 |
| CVE-2009-4187 | Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 1.66% | 2009-12-03 | 2026-04-23 |
| CVE-2009-1796 | Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page. | [email protected] | 4.3 | 1.98% | 2009-05-26 | 2026-04-23 |
| CVE-2008-6192 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | [email protected] | 4.3 | 1.90% | 2009-02-19 | 2026-04-23 |
| CVE-2008-5549 | Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet." | [email protected] | 5.0 | 2.29% | 2008-12-12 | 2026-04-23 |
| CVE-2007-4289 | Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715. | [email protected] | 6.8 | 1.67% | 2007-08-09 | 2026-04-23 |