← Back

CVE-2002-1640

nvd nist
Published: Apr 1, 2002Modified: Apr 16, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet.

Affected (3)

Products: Oracle: Configurator
Oracle
1 product
Configurator
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Configurator
From 11.5.6.0.0 to 11.5.6.16.52
Configurator
From 11.5.7.0.0 to 11.5.7.17.31
Configurator
Version 11i

References (12)

Source: cve@mitre.org
ExploitPatchThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Third Party AdvisoryVDB EntryVendor Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB EntryVendor Advisory
Source: cve@mitre.org
VDB Entry
Source: cve@mitre.org
VDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
VDB Entry

Timeline

No history available yet.