Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20171
HistoryJul 18, 2008 - 12:00 a.m.

Oracle Portal XSS fixed by CPU July 2008

2008-07-1800:00:00
vulners.com
21
JSON

Class: Input Validation Error
Risk: Low
Remote: Yes

Oracle has just released CPU July 2008 critical patch that fixes a flaw
which allows code injection by malicious web users into the web pages
viewed by other users.

The security issue was found on POPUP_NAME parameter OF
PORTAL.WWPOB_HOME_PAGE web page of Oracle Portal.

After months, the patch is now available:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2008.html

Regards,

Andrea Purificato

Ethical Hacker @ Unidata S.p.A.
http://rawlab.mindcreations.com

JSON