vendor:
Database
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: Database
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Oracle Database Cross-Site Scripting Vulnerability
Oracle Database is prone to a cross-site scripting vulnerability that affects the Secure Enterprise Search component. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Mitigation:
Users should avoid visiting untrusted websites and clicking on links provided by unknown or untrusted sources.