The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation6 reference(s) from NVD