.. / CVE-2019-2578

Exploit for Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control (CVE-2019-2578)

Description:

Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 suffers from broken access control. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.

Nuclei Template

View the template here CVE-2019-2578.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-2578.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2019-2578
https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://github.com/ARPSyndicate/kenzer-templates
https://www.oracle.com/security-alerts/cpuapr2019.html

.. / CVE-2019-2578 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control (CVE-2019-2578)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2019-2578