Preview Tool

Cisco Bug: CSCur52719 - webvpn href with javascript function - arg ' incorrectly rewritten to \'

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.1(4.1) 9.1(4.6) 9.1(5) 9.1(5.10) 9.1(5.16) 9.1(5.19)

Description (partial)

When accessing Oracle Forms app, after going to a link the Home and Log-out buttons are not working.

The URL for the button is rewritten incorrectly - ' are escaped with \:



It can affect other web applications using href with javascript function as destination and using ' as parameter delimiter. E.g.:

<a href="javascript:selectModule('/portal/intertest, 'intertest');"

rewritten to:

<a href="javascript:selectModule(\'/portal/intertest\', \'intertest\');"

Oracle Forms application.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.