Description

Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.

Remediation

References

CVE-2002-2347

Related Vulnerabilities

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)

WordPress Plugin Grow by Tradedoubler-Advertiser for WooCommerce Local File Inclusion (2.0.21)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.21)

TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)

MySQL CVE-2024-21061 Vulnerability (CVE-2024-21061)

Severity

Medium

Classification

CVE-2002-2347 CWE-707

Tags

Missing Update Known Vulnerabilities