Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OracleAS Discussion Forum Portlet多个远程输入验证漏洞
Vulnerability Description
OracleAS Discussion Forum Portlet是一款测试版的论坛程序。 OracleAS Discussion Forum Portlet存在输入验证漏洞,远程攻击者可能利用此漏洞完全控制系统。由于没有正确的验证用户输入,导致OracleAS Discussion Forum Portlet中存在多个远程漏洞,包括跨站脚本和HTML注入等,可能导致完全入侵服务器或泄漏敏感信息等。
CVSS Information
N/A
Vulnerability Type
N/A