Full Disclosure mailing list archives
Cross Site Scripting in BEA Admin Console
From: "Kornbrust, Alexander" <ak () red-database-security com>
Date: Thu, 28 Apr 2005 18:56:17 +0200
Red-Database-Security GmbH Research Advisory Name Cross Site Scripting in BEA Admin Console Systems Affected BEA Admin Console 8.1 Severity Low Risk Category Cross Site Scripting (CSS/XSS) Vendor URL http://www.bea.com Author Alexander Kornbrust (ak at red-database-security.com) Date 28 Apr 2005 (V 1.00) Advisory number AKSEC2004-042 Description ########### Cross Site Scripting in BEA Admin Console. More details available: ####################### http://www.red-database-security.com/advisory/bea_css_in_admin_console.h tml Patch Information ################# Apply the latest patchset from BEA. History: ######## 13 April 2004 BEA secalert was informed 13 April 2004 Bug confirmed 25 April 2005 Advisory released About Red-Database-Security GmbH ################################# Red-Database-Security GmbH is a specialist in Oracle Security. http://www.red-database-security.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cross Site Scripting in BEA Admin Console Kornbrust, Alexander (Apr 28)