Description
Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print.
Remediation
References
Related Vulnerabilities
Atlassian Confluence Missing Authorization Vulnerability (CVE-2021-26085)
Magento Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3458)
Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)
WordPress Plugin Integration for Contact Form 7 and Salesforce Cross-Site Scripting (1.2.4)