The vulnerability CVE-2008-1285 enables remote attackers to inject code and is described as:
Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
- Red Hat JBoss Enterprise Application Platform (EAP)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.