Vulnerabilities > CVE-2006-6703 - Cross-Site Scripting vulnerability in Oracle Portal Container_Tabs.JSP

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

oracle

exploit available

NVD

Published: 2006-12-23

Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Oracle10G * Oracle Oracle9I *	2

Exploit-Db

description	Oracle Portal 9i/10g Container_Tabs.JSP Cross-Site Scripting Vulnerability. CVE-2006-6703. Webapps exploit for php platform
id	EDB-ID:29308
last seen	2016-02-03
modified	2006-12-22
published	2006-12-22
reporter	putosoft softputo
source	https://www.exploit-db.com/download/29308/
title	Oracle Portal 9i/10g Container_Tabs.JSP Cross-Site Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References