Oracle MAF store bypass, a how-to

BANNER IMAGE On a recent assignment I was asked to look at the security of a cloud-based solution for expenses, the Oracle® ExpensesCloud with Fusion applications. It was being used for employees to create/save/edit/submit claims to the employer. TL;DR Having default hardcoded credentials allows an attacker effortless compromise of the credentialed action. In this instance the […]


Leave a Reply

Your email address will not be published. Required fields are marked *