Intrusion Prevention

Oracle.Reports.Server.XSS

Description

It indicates a possible exploit of a Cross-Site Scripting vulnerability in Oracle Reports Server. Oracle Reports Server is vulnerable to multiple Cross-Site Scripting attacks that can allow an attacker to execute arbitrary code in a users browser. A successful exploit grants the attacker access to the users cookie-based authentication credentials and other attacks.

Affected Products

Oracle Oracle Reports 10g 9.0.2

Impact

Disclosure or Modification of sensitive data

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.