2 matches found
CVE-2007-3553
Cross-site scripting XSS vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using 1 pls/ and 2 pls/MSBEP004/. NOTE: the provenance of this information is...
Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/24697/info Oracle Rapid Install Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to inject HTML and script code into the browser ...