Oracle Cloud Infrastructure Flaw Enabled Malicious File Uploads, Researchers Found. Exploring Oracle Cloud Infrastructure, researchers at Tenable found that Oracle’s console-based Code Editor tool failed to block arbitrary file uploads, and could be silently exploited via drive-by attacks to install malware. They said Oracle has now fixed the vulnerability.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/drive-by-attack-vector-patched-in-oracle-code-editor-a-28978
