CVE-2007-3503

The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Date published : 2007-06-29

http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

http://dev2dev.bea.com/pub/advisory/248