XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). helpwindow.jsp has reflected XSS via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-12-13T19:00:00
Updated: 2024-08-05T11:37:11.388Z
Reserved: 2018-11-22T00:00:00
Link: CVE-2018-19439
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-12-13T19:29:00.620
Modified: 2019-01-07T16:37:46.240
Link: CVE-2018-19439
Redhat
No data.