VULHUB ™

An issue has been discovered in Oracle Configurator, which may allow users to execute script as the web host. Oracle fails to properly filter malicious HTML tags and script from text input boxes, as a result, a host using Text Features and the DHTML user interface are subject to this issue. Script code submitted by the end user will execute within the context of the vulnerable page.

An issue has been discovered in Oracle Configurator, which may allow users to execute script as the web host. Oracle fails to properly filter malicious HTML tags and script from text input boxes, as a result, a host using Text Features and the DHTML user interface are subject to this issue. Script code submitted by the end user will execute within the context of the vulnerable page.