Vulnerability
Oracle Secure Global Desktop 4.4 20080807152602 has an XSS vulnerability in the Administration Console (but was fixed in later versions including 5.4). As evidenced by the sgdadmin/faces/com sun web ui/help/helpwindow.jsp windowTitle parameter, helpwindow.jsp has mirrored XSS via all parameters.
Recommendations
We suggest that you update Oracle Secure Global Desktop in order to fix this vulnerability.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
