Description

Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.

Remediation

References

CVE-2002-2347

Related Vulnerabilities

WordPress Plugin Poll, Survey, Form & Quiz Maker by OpinionStage Unspecified Vulnerability (15.0.0)

Apache HTTP Server Other Vulnerability (CVE-2000-0868)

MySQL CVE-2019-2566 Vulnerability (CVE-2019-2566)

WordPress Plugin MiniMax-Page Layout Builder Arbitrary File Upload (1.7.1)

PHP Other Vulnerability (CVE-2007-1378)

Severity

Medium

Classification

CVE-2002-2347 CWE-707

Tags

Missing Update Known Vulnerabilities