Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-10-29T19:00:00Z
Updated: 2024-09-17T00:26:44.150Z
Reserved: 2007-10-29T00:00:00Z
Link: CVE-2002-2347
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2002-12-31T05:00:00.000
Modified: 2008-09-05T20:32:59.367
Link: CVE-2002-2347
Redhat
No data.