Pablo Artuso

Security Researcher

Pablo Artuso is a security researcher at the Onapsis Research Labs. His work is focused on the research and detection of vulnerabilities in SAP products. Pablo enjoys working on projects that involve doing reverse engineering and web application exploitation.



Onapsis Publishes Advisories for Cross Site Scripting and OS Command Injection Vulnerabilities

Today, the Onapsis Research Labs released 14 advisories for SAP and 6 for Oracle E-Business Suite. All of the SAP advisories pertain to SAP NetWeaver - the technical integration platform on top of which enterprise and business solutions are developed and run. Half of these advisories for SAP NetWeaver relate to remote command execution vulnerabilities, which will be explained later in this post. On the Oracle side, all six advisories relate to cross-site scripting (XSS) attacks on the core business application Oracle E-Business Suite.