Vulnerabilities > CVE-2005-2379 - Cross-Site Scripting vulnerability in Oracle Reports 9.0.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
oracle
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Reports 9.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) debug parameter to showenv, (2) test parameter to parsequery, or (3) delimiter or (4) CELLWRAPPER parameter to rwservlet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |