My Oracle Support Banner

Is The Endeca MDEX 6.x Susceptible To XSS Attacks? (Doc ID 1505925.1)

Last updated on MAY 26, 2017

Applies to:

Oracle Commerce Guided Search / Oracle Commerce Experience Manager - Version 6.1.1 and later
Information in this document applies to any platform.


Our administrator is claiming that the Dgraph process is prone to XSS (Cross-Site Scripting) javascripts attacks. Is this true?  Will the Dgraph execute javascripts sent to it?


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.