Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Oracle Application Express (formerly HTML DB) before 2.2.1 allows remote attackers to inject arbitrary HTML or web script via the WWV_FLOW_ITEM_HELP package. NOTE: it is likely that this issue overlaps one of the Oracle VulnIDs covered by CVE-2006-5351. Oracle has not publicly disputed claims by a reliable researcher that this has been fixed by the October 2006 CPU.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle Application Express WWV_FLOW_ITEM_HELP数据包跨站脚本攻击漏洞
Vulnerability Description
Oracle Application Express (以前为HTML DB) 2.2.1之前版本中的存在跨站脚本攻击漏洞,远程攻击者可以通过WWV_FLOW_ITEM_HELP数据包来注入任意HTML或Web脚本。
CVSS Information
N/A
Vulnerability Type
N/A