Thursday, June 16, 2011

CWE-601: oracle.com

Browse to the link below and log on, if you have an account with them.

http://www.oracle.com/webapps/redirect/signon?nexturl=http://ainthek.blogspot.com/
------------------------------------
So they have "fixed" the client-side problem
http://ainthek.blogspot.com/2011/05/client-side-xss-documentwritelocationhr.html

and kept the more serious
CWE-601: URL Redirection to Untrusted Site ('Open Redirect') still open?

nice ....
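
A server-side check that would close this kind of redirect, as an added example (not code from this post or from Oracle). The allowlist contents, the fallback URL and the function names are assumptions; only the `nexturl` parameter and the sign-on URL come from the post.

```javascript
// Added example: validate the `nexturl` parameter before redirecting (CWE-601).
// ALLOWED_HOSTS, BASE and FALLBACK are assumed values, not the site's real config.
const BASE = "https://www.oracle.com";
const FALLBACK = BASE + "/";
const ALLOWED_HOSTS = new Set(["www.oracle.com"]);

function safeNextUrl(raw) {
  if (typeof raw !== "string" || raw.length === 0) return FALLBACK;
  // Backslashes and control characters are normalised differently by
  // browsers and servers, so reject them instead of guessing.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return FALLBACK;

  let url;
  try {
    // Resolving against BASE turns "/path" into a same-site URL and exposes
    // the real host of scheme-relative values such as "//other.example/".
    url = new URL(raw, BASE);
  } catch {
    return FALLBACK;
  }
  // Only web schemes; this also rejects javascript: and data: targets.
  if (url.protocol !== "https:" && url.protocol !== "http:") return FALLBACK;
  // "https://www.oracle.com@other.example/" has other.example as its host.
  if (url.username || url.password) return FALLBACK;
  // Exact match on host (including port); no suffix or substring tests.
  if (!ALLOWED_HOSTS.has(url.host)) return FALLBACK;
  // Return the parsed, normalised form rather than the raw input.
  return url.href;
}

// Pull nexturl out of a sign-on request URL and decide where to send the user.
function redirectAfterSignon(requestUrl) {
  const nexturl = new URL(requestUrl, BASE).searchParams.get("nexturl");
  return safeNextUrl(nexturl);
}

// The link from this post now lands on the fallback page instead of the blog.
console.log(redirectAfterSignon(
  "http://www.oracle.com/webapps/redirect/signon?nexturl=http://ainthek.blogspot.com/"
));
```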
