Asset Check-In With Comment String '"></script> <script' Breaks Check-In Screen (Doc ID 2331387.1)

Last updated on MARCH 15, 2019

Applies to:

Oracle WebCenter Sites - Version 12.2.1.2.0 and later
Information in this document applies to any platform.

Symptoms

If asset is Check-In with following comment string, future Check-In of this asset shows broken Check-In screen:

Steps to reproduce:

1. Create a new asset with revision tracking enabled.
2. After saving the initial version, click on Check-In button
3. Click Check-In
4. Enter "></script> <script as a comment
5. Click Check-In
6. Click Go back.
7. Click Edit.
8. Click Check-In. The asset tab goes blank and only displays the following text:

Name Type Version Comment Status Detail Action
Checkout
Undo Checkout
Checkin

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Asset Check-In With Comment String '"></script> <script' Breaks Check-In Screen (Doc ID 2331387.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!