3 matches found
Oracle Application Server BPEL Module Cross Site Scripting (CVE-2008-4014)
Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. BPEL Business Process Execution Language is an XML based language used for describing...
Oracle Application Server Cross Site Scripting
Digital Security Research Group DSecRG Advisory DSECRG-09-001 Application: Oracle Application Server SOA Versions Affected: Oracle Application Server SOA version 10.1.3.1.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported: 10.01.2008 Vendor response: 11.01.2008 Date of Public...
CVE-2008-4014
The CVE-2008-4014 issue affects Oracle Application Server’s BPEL (Business Process Execution Language) component, specifically the BPEL Console/Activities.jsp page, where a Linked XSS vulnerability was identified in the DSecRG advisory (DSecRG-09-001). Exploitation was demonstrated via crafted UR...