WebReports Cross Site Scripting vulnerability (December 2012 Fix Pack)

Technote (troubleshooting)


Problem(Abstract)

This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
Cross site scripting is a vulnerability that allows an attacker to send malicious code to another user.
Because a browser cannot know if the script should be trusted or not, it will execute the script
in the user context allowing the attacker to access any cookies or session tokens retained by the
browser.

Resolving the problem

To resolve this issue, a configurable filter was added to protect Web Reports from common Cross Site Scripting vulnerability.

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Initiate Master Data Service

Software version:

9.5.0, 9.7.0, 10.0.0, 10.1.0

Operating system(s):

AIX, Linux, Solaris, Windows

Reference #:

1618533

Modified date:

2012-12-19

Translate my page

Machine Translation

Content navigation