Oracle Secure Global Desktop 4.4 20080807152602 has an XSS vulnerability in the Administration Console (but was fixed in later versions including 5.4). As evidenced by the
sgdadmin/faces/com sun web
ui/help/helpwindow.jsp windowTitle parameter,
helpwindow.jsp has mirrored XSS via all parameters.
We suggest that you update Oracle Secure Global Desktop in order to fix this vulnerability.