CVE-2005-0873

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter.

Ссылки

http://marc.info/?l=bugtraq&m=111168323804203&w=2
http://secunia.com/advisories/17250
http://www.kb.cert.org/vuls/id/210524
US Government Resource
http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html
http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html
http://www.securityfocus.com/bid/12892
Exploit
http://www.securityfocus.com/bid/15134
http://www.us-cert.gov/cas/techalerts/TA05-292A.html
US Government Resource
http://marc.info/?l=bugtraq&m=111168323804203&w=2
http://secunia.com/advisories/17250
http://www.kb.cert.org/vuls/id/210524
US Government Resource
http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html
http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html
http://www.securityfocus.com/bid/12892
Exploit
http://www.securityfocus.com/bid/15134
http://www.us-cert.gov/cas/techalerts/TA05-292A.html
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:10g_reports_server:9.0.4.3.3:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.67385

Средний

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m254-v53j-83fh

github

почти 4 года назад