Published: 13/12/2018 Updated: 07/01/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). helpwindow.jsp has reflected XSS via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle parameter.

Vulnerability Trend

Mailing Lists

Oracle Secure Global Desktop Administration Console version 44 build 20080807152602 suffers from cross site scripting vulnerabilities ...
<!-- # Exploit Title: Cross Site Scripting in Oracle Secure Global Desktop Administration Console - 44; Build: 20080807152602 # Date: 22-11-2018 # Exploit Author: Rafael Pedrero # Vendor Homepage: wwworaclecom/ # Software Link: wwworaclecom/ # Version: Oracle Secure Global Desktop Administration Console - 44; Build: 200808071 ...

Github Repositories

Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.

Templates are the core of nuclei scanner which power the actual scanning engine This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community We hope that you also contribute by sending templates via pull requests and grow the list Template Directory ├── LICENSE ├── READMEmd ├── basic-dete