Cross-site Scripting Vulnerability in Oracle XML DB by Oracle
CVE-2005-3204

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i; Application Server
Vendor: CVE Published:; 14 October 2005

What is CVE-2005-3204?

The vulnerability in Oracle XML DB 9iR2 enables remote attackers to exploit cross-site scripting (XSS) techniques. By injecting malicious web scripts or HTML into the query string of an HTTP request, attackers can manipulate the behavior of the web application, potentially leading to unauthorized access and data exposure. It is crucial for users and administrators of Oracle XML DB to apply security measures and updates to mitigate this threat effectively.

References

http://securityreason.com/securityalert/66

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/15034

vdb-entryx_refsource_BID

http://www.red-database-security.com/advisory/oracle_xmld...

x_refsource_MISC

EPSS Score

37% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2005
Vulnerability Reserved
Oct 14, 2005