2 matches found
CVE-2018-16955
The login function of Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting XSS. The content of the inhiredirect parameter, when prefixed with the https:// scheme, is unsafely reflected in a HTML META tag in the HTTP response. NOTE: this CVE is assigned by MIT...
CVE-2018-16955
CVE-2018-16955 concerns Oracle WebCenter Interaction Portal 10.3.3. The vulnerability is a reflected cross-site scripting (XSS) in the login function: the content of the in_hi_redirect parameter, when prefixed with https://, is unsafely reflected into an HTML META tag in the HTTP response. This i...