The Onapsis Blog

Die Sicherheit von geschäftskritischen Anwendung ist dynamisch, und es gibt ständig neue Entwicklungen. In unserem Blog finden Sie Empfehlungen, Einblicke und Beobachtungen zu den neuesten Nachrichten für die Sicherung Ihrer SAP®-, Oracle®- und Salesforce-Anwendungen.

Pablo Artuso

Pablo Artuso

Security Researcher

Pablo Artuso is a Security Researcher at the Onapsis Research Labs. He is most of the time involved in projects of vulnerability research and penetration testing of SAP products, where he has helped to patch several bugs on its products. He is one of the responsible of delivering and keeping up to date SAP Security Training, and has also presented about SAP Security in other conferences around the world. In his spare time, he enjoys playing CTF's which include web exploitation, reverse engineering and crypto challenges.

Onapsis Publishes Advisories for Cross Site Scripting and OS Command Injection Vulnerabilities
09/21/2016 | By
Pablo Artuso
|
Research

Onapsis Publishes Advisories for Cross Site Scripting and OS Command Injection Vulnerabilities

Today, the Onapsis Research Labs released 14 advisories for SAP and 6 for Oracle E-Business Suite. All of the SAP advisories pertain to SAP NetWeaver - the technical integration platform on top of which enterprise and business solutions are developed and run. Half of these advisories for SAP NetWeaver relate to remote command execution vulnerabilities, which will be explained later in this post. On the Oracle side, all six advisories relate to cross-site scripting (XSS) attacks on the core business application Oracle E-Business Suite.

Categories
The Defenders Digest

Onapsis CTO and Director of Threat Research monthly video recap all things ERP security.

Watch Now
Request a Demo from Onapsis

Sind Sie bereit, Ihren Blindspot in der SAP-Cybersicherheit zu beseitigen?

Wir zeigen Ihnen, wie einfach es sein kann, Ihre Geschäftsanwendungen zu schützen.

Demo anfragen