Vulnerability in N/a
CVE-2005-0873
Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter.
EPSS: 0.674 (98.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 12892 (vdb-entry, x_refsource_BID)
- www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html (x_refsource_CONFIRM)
- 20050324 Oracle Reports Server 10g Vulnerable to XSS (mailing-list, x_refsource_BUGTRAQ)
- TA05-292A (x_refsource_CERT, third-party-advisory)
- 15134 (vdb-entry, x_refsource_BID)
- VU#210524 (x_refsource_CERT-VN, third-party-advisory)
- www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.h… (x_refsource_CONFIRM)
- 17250 (x_refsource_SECUNIA, third-party-advisory)