Cybertrion Systems

[2/5] Sun JDK JavaDoc Cross-Site Scripting Vulnerability

June 29th, 2007 by

A vulnerability has been reported in Sun JavaDoc, which can be exploited by malicious people to conduct cross-site scripting attacks.

The vulnerability is caused by an error when generating HTML documentation pages and can potentially be exploited to conduct cross-site scripting attacks on a website that hosts the generated documentation.

The vulnerability affects JDK 6 and JDK 5.0 Update 11 and earlier for Solaris, Linux, and Windows.

Solution:
Apply updates and regenerate any "index.html" page that was generated with an affected version.

JDK 6:
Update to JDK 6 Update 1 or later.
http://java.sun.com/javase/downloads/index.jsp

JDK 5.0:
Update to JDK 5.0 Update 12 or later.
http://java.sun.com/javase/downloads/index_jdk5.jsp

Provided and/or discovered by:
The vendor credits Martin Straka.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1
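Carrying out the solution above means finding hosted "index.html" pages that were generated before the fixed releases. The following Python script is an added example, not part of the advisory or any Sun tooling: it walks a documentation tree and classifies each index.html by the "Generated by javadoc (build ...)" comment that the tool writes into its output. It assumes that comment has not been stripped from the pages; the function names are hypothetical and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

# Comment written near the top of generated pages, e.g.
#   <!-- Generated by javadoc (build 1.5.0_11) on ... -->
GENERATED_BY = re.compile(r"Generated by javadoc \(build (\d+)\.(\d+)\.(\d+)(?:_(\d+))?")

def classify(html):
    """Return 'affected', 'fixed' or 'unknown' for one generated page."""
    m = GENERATED_BY.search(html)
    if not m:
        return "unknown"              # no marker: not javadoc output, or stripped
    family = tuple(int(g) for g in m.groups()[:3])
    update = int(m.group(4) or 0)     # "1.6.0" with no suffix is update 0
    if family == (1, 6, 0):           # JDK 6: fixed in Update 1
        return "affected" if update < 1 else "fixed"
    if family == (1, 5, 0):           # JDK 5.0: fixed in Update 12
        return "affected" if update <= 11 else "fixed"
    return "unknown"                  # release family the advisory does not list

def scan(root):
    """Map every index.html under root to its classification."""
    results = {}
    for page in sorted(Path(root).rglob("index.html")):
        head = page.read_text(encoding="utf-8", errors="replace")[:4096]
        results[page.relative_to(root).as_posix()] = classify(head)
    return results

def demo():
    # Constructed sample tree, not real project output.
    samples = {
        "old5/index.html": "<!-- Generated by javadoc (build 1.5.0_11) on Mon -->",
        "new5/index.html": "<!-- Generated by javadoc (build 1.5.0_12) on Mon -->",
        "old6/index.html": "<!-- Generated by javadoc (build 1.6.0) on Mon -->",
        "new6/index.html": "<!-- Generated by javadoc (build 1.6.0_01) on Mon -->",
        "site/index.html": "<html><body>hand-written page</body></html>",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in samples.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True)
            path.write_text(body, encoding="utf-8")
        return scan(tmp)

if __name__ == "__main__":
    for rel, verdict in demo().items():
        print(f"{verdict:9} {rel}")
```

Pages reported as "affected" are the ones to regenerate after updating; "unknown" pages need a manual look because the generator version could not be read from them.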

Original post by manisha
