Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Encountered a vulnerability issue in the communication between VBCS and backend services

in Sourcing 2 comments

Summary:

Encountered a vulnerability issue in the communication between VBCS and backend services.

Content (please ensure you mask any confidential information):


Using a tool like BurpSuite is possible to modify a request payload created by VBCS app, bypassing frontend logic and tricking backend services like OIC integration, ATP modules or ATP autorest.

What kind of remediation can be used to solve the issue?

Version (include the version you are using, if applicable):

  1. Version: 24.10.2
  2. Oracle JET Version 15.1.5

Code Snippet (add any code snippets that support your topic, if applicable):

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!