Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2002-1636 | Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print. |
Assigned (20050328) | MISC:http://www.nextgenss.com/papers/hpoas.pdf | XF:oracle-htpprint-xss(10687) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/10687 |
Page created: