Description
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.
Remediation
References
Related Vulnerabilities
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0050)
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.32)
WordPress Plugin Tickera-WordPress Event Ticketing Cross-Site Request Forgery (3.4.9.9)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31552)