← back
CVE-2002-2347

CVE-2002-2347

EPSS 1.7%
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://otn.oracle.com/deploy/security/pdf/2002alert41rev1.pdfhttp://www.iss.net/security_center/static/9842.phphttp://www.securityfocus.com/bid/5452