The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote malicious users to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle application server discussion forum portlet |