""ET WEB_SERVER Oracle Secure Enterprise Search 10.1.8 search Script XSS attempt""
SID: 2009643
Revision: 5
Class Type: web-application-attack
Metadata: created_at 2010_07_30, updated_at 2010_07_30
Reference:
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: any
Destination Network: $HOME_NET
Destination Port: 7777
Flow: to_server,established
Contents:
-
Value: "GET " Depth: 4
-
Value: "/search/query/search"
-
Value: "search_p_groups="
-
Value: "script"
Within:
PCRE: "/<?(java|vb)?script>?/i"
Special Options:
-
nocase
-
nocase
-
nocase