Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote malicious users to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle application server portal |