Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Oracle10g | Oracle | * | * |
Oracle9i | Oracle | * | * |