Vulnerability in Oracle Weblogic_portal
CVE-2007-2702
Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor.
EPSS: 0.015 (71.3th percentile) — read the EPSS interpretation.
Affected products
- Oracle Weblogic_portal — versions 9.2
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_BEA, Patch, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)