Security Advisory

CVE-2018-16953

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-18 02:00:00

Last updated 2024-08-05 10:39:58

Assigner mitre

State PUBLISHED

Description

The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). User input from the name parameter is unsafely reflected in the server response. NOTE: this CVE is assigned by MITRE and isnt validated by Oracle because Oracle WebCenter Interaction Portal is out of support.

← Browse all CVEs View on cve.org ↗