Oracle WebCenter Sites (AKA FatWire) XSS / SQL Injection / CSRF

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable version: 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2,...

CVE-2012-3183

Affected product: Oracle WebCenter Sites (Oracle Fusion Middleware) versions 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0. Vulnerability in the UI Subcomponent allows remote authenticated users to affect confidentiality and integrity via unknown vectors; for CVE-2012...