Intrusion Prevention

Oracle.Workflow.Wfroute.XSS

Description

It indicates an attacker attempted a Cross-Site Scripting attack against Oracle. Oracle Workflow is vulnerable to a Cross-Site Scripting attack in the "wf_route" script. An attacker can leverage this vulnerability to execute arbitrary script code in the victims browser.

Affected Products

Oracle Workflow 11.5.9 .5 and Oracle Workflow 11.5.1

Impact

Disclosure or Modification of sensitive data

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.