Description
Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.
Remediation
References
Related Vulnerabilities
MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)
XWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-32729)
WordPress Plugin WP Easy Gallery 'select_gallery' Parameter Cross-Site Scripting (1.7)
WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5)