XSS Vulnerabilities in Oracle Portal by Oracle
CVE-2006-6703
Currently unrated
Summary
Multiple cross-site scripting vulnerabilities in Oracle Portal 9i and 10g enable remote attackers to exploit the system by injecting arbitrary JavaScript through the tc parameter in the webapp/jsp/container_tabs.jsp file and other unspecified vectors. This could lead to unauthorized actions carried out on behalf of the victim user, potentially compromising sensitive information.
References
EPSS Score
11% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved