Description

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.

Remediation

References

CVE-2007-0273

Related Vulnerabilities

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-18260)

WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0)

Jenkins Other Vulnerability (CVE-2020-2100)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)

WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)

Severity

Medium

Classification

CVE-2007-0273

Tags

Missing Update Known Vulnerabilities