9 lines
No EOL
561 B
Text
9 lines
No EOL
561 B
Text
source: http://www.securityfocus.com/bid/24697/info
|
|
|
|
Oracle Rapid Install Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability to inject HTML and script code into the browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials and launch other attacks.
|
|
|
|
http://www.example.com:8004/pls/MSBEP004/<script>alert("XSS")</script>
|
|
|
|
http://www.example.com:8004/pls/<script>alert("XSS")</script> |