Module library
All modules
Visit vidocsecurity.com
Ethical Hacking Automation
Automate Recon and scanning process with Vidoc. All security teams in one place
Start for free
Oracle E-Business Suite - Cross-Site Scripting
By kannthu
Medium
Vidoc Module
#oracle
#xss
#ebs
Description
Author: dhiyaneshDk
Reference
- https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
Metadata
max-request: 3
Module preview
Concurrent Requests (1)
1. HTTP Request template
GET
/OA_HTML/jtfLOVInPro...
/OA_HTML/oksAutoRene...
/OA_HTML/ieuiMeeting...
Matching conditions
word: <svg/onload=alert('{{randstr}}')>
and
status: 200
and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability