Description
The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
Remediation
References
Related Vulnerabilities
WordPress Plugin ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7)
MySQL CVE-2022-21605 Vulnerability (CVE-2022-21605)
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1927)
Joomla! Core 3.x.x Security Bypass (3.8.8 - 3.9.16)
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.5)