Multiple vulnerabilities in Oracle Banking Corporate Lending Process Management

Uncategorized

Description. CWE-345 – Insufficient Verification of Data Authenticity The vulnerability allows a remote attacker to redirect victims to arbitrary URL. The vulnerability exists due to the application relies on the URL passed via the “redirect_uri” parameter.Read MoreSecurity News