ECM 8123 || Issue In Network Analysis Tab || Security Bug (Doc ID 2976322.1)

Last updated on OCTOBER 05, 2023

Applies to:

Oracle Financial Services Enterprise Case Management - Version 8.0.7 and later
Information in this document applies to any platform.

Symptoms

Identified cross site scripting (XSS) issue in Network Analysis Tab.
Steps are as below:
1. Login as low privilege user
2. Go to ECM -> ECM Search List
3. Open any case and go to Network Analysis tab
4. Search > Inject the XSS payload in the HTTP GET request.
5. Payload gets executed in client browser.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

ECM 8123 || Issue In Network Analysis Tab || Security Bug (Doc ID 2976322.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!