Description

Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print.

Remediation

References

CVE-2002-1636

Related Vulnerabilities

WordPress Plugin Tidio Live Chat Cross-Site Request Forgery (4.1.0)

WordPress Plugin BuddyDrive Cross-Site Scripting (1.2.2)

WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.96)

MODX Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-8775)

Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20676)

Severity

Medium

Classification

CVE-2002-1636

Tags

Missing Update Known Vulnerabilities