Description
Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allows remote attackers to affect integrity via unknown vectors. NOTE: the previous information was obtained from the July 2009 CPU. Oracle has not commented on claims from an established researcher that this is cross-site scripting (XSS) via the search_p_groups parameter in search/query/search.
Remediation
References
Related Vulnerabilities
WordPress Plugin Under Construction, Coming Soon & Maintenance Mode Multiple Vulnerabilities (1.1.1)
Atlassian Jira CVE-2020-36237 Vulnerability (CVE-2020-36237)
WordPress Plugin wp-easybooking Cross-Site Scripting (1.0.3)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-3011)