My Oracle Support Banner

E1: JAS: Insecure CONTENT-TYPE Setting in JDE (Doc ID 3004291.1)

Last updated on FEBRUARY 19, 2024

Applies to:

JD Edwards EnterpriseOne Tools - Version 9.2 and later
Information in this document applies to any platform.

Symptoms

Applies To:
JD Edwards EnterpriseOne Tools – 9.2.8.0
Information in this document applies to JD Edwards E1 Applications deployed on Weblogic Server, Websphere Application Server, IBM HTTP Server, Oracle HTTP Server, Oracle Traffic Director and OCI LBaaS.

Failure to dictate a suitable browser interpretation of a response content, application developers can expose their users to Cross-Site Scripting or information stealing attacks.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.