Description
Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP04. NOTE: Oracle has not disputed reliable researcher claims that this issue is related to directory traversal that allows reading of portions of arbitrary XML files via the customize parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form Manager Multiple Cross-Site Scripting Vulnerabilities (1.4.1)
ownCloud Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-36252)
ZenCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0697)
WordPress Plugin Zedna eBook download Directory Traversal (1.1)