source: https://www.securityfocus.com/bid/13422/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. The issue affects the 'PartialPageErrorPage' parameter of the 'webcacheadmin' script. http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.Site.ApologyPages_Edit&ACTION=Submit&PartialPageErrorPage=/inservice.html&site_id=2