CVE-2005-4549 in Application Server Discussion Forum Portletinfo

Summary

Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/28/2005

Disclosure

12/28/2005

Moderation

VulDB entry created

Entries

1: VDB-27785

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00952

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-4549
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4549
CVE Details	https://www.cvedetails.com/cve/CVE-2005-4549/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!