"ET WEB_SPECIFIC_APPS Oracle Fusion Middleware BPEL Console Cross Site Scripting"

SID: 2011860

Revision: 2

Class Type: attempted-admin

Metadata: affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_10_28, cve CVE_2010_3581, deployment Datacenter, signature_severity Major, tag XSS, tag Cross_Site_Scripting, updated_at 2011_01_18

Reference:

  • cve: 2010-3581

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: any

Destination Network: $HOME_NET

Destination Port: 7777

Flow: established,to_server

Contents:

  • Value: "/BPELConsole/default/processLog.jsp" Depth: 50

  • Value: "processName=" Within: 100

PCRE: "/processName\x3D.+(script|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/i"

Special Options:

  • nocase

  • nocase
