Oracle Portal 'Container_Tabs.JSP'多个跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1111821 漏洞类型 跨站脚本
发布时间 2006-12-22 更新时间 2006-12-26
CVE编号 CVE-2006-6703 CNNVD-ID CNNVD-200612-492
漏洞平台 PHP CVSS评分 6.8
|漏洞来源
https://www.exploit-db.com/exploits/29308
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200612-492
|漏洞详情
OraclePortal9i和10g存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可以通过在webapp/jsp/container_tabs.jsp内的tc参数以及其他未明向量来注入任意JavaScript。
|漏洞EXP
source: http://www.securityfocus.com/bid/21717/info

Oracle Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before returning it to the user. 

An attacker can exploit this issue to execute arbitrary HTML and script code in a userâ??s browser session in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. 

The vulnerability is reported in Oracle Portal versions 9i and10g.

http://<target>/webapp/jsp/container_tabs.jsp?tc=null%20=%20null;alert('Hello!');window.open('http://www.oracle.com/?fix_security_bugs_now',%20'null');//
|参考资料

来源:BUGTRAQ
名称:20061222OracleApplications/Portal9i/10gCrossSiteScripting
链接:http://www.securityfocus.com/archive/1/archive/1/455143/100/0/threaded
来源:BID
名称:21717
链接:http://www.securityfocus.com/bid/21717
来源:VUPEN
名称:ADV-2006-5143
链接:http://www.frsirt.com/english/advisories/2006/5143