![]() * The GET request has been set to: >'">alert(20639) jde/JASMafletMafBrowserClose.mafService: jdemafjasLinkTarget jde/MafletClose.mafService: RENDER_MAFLET jde/E1Menu_Menu.mafService: e1.namespace The vulnerabilities can be triggered by any logged-in user.Īt least the following parameters are not properly sanitized: Multiple Reflected Cross Site Scripting vulnerabilities were found in Oracle JD Edwards EnterpriseOne, because the application fails to sanitize user-supplied input. Reference to Vulnerability Disclosure Policy: Vulnerability Class: Reflected Cross-Site Scripting (XSS)Īffected Applications: Oracle JD Edwards EnterpriseOne v8.12 other versions may also be affected.Īffected Platforms: Any running Oracle JD Edwards EnterpriseOne Internal Cybsec Advisory Id: 2011-0402-Multiple XSSs in Oracle JD Edwards EnterpriseOne Change Mirror Download Advisory Name: Multiple Cross-Site Scripting (XSS) in Oracle JD Edwards EnterpriseOne
0 Comments
Leave a Reply. |