Showing Articles About
eql
- 13 Jun 2018
EQL Injection (not a typo) and Oracle Endeca
EQL injection is a novel attack technique targeting Oracle Endeca search functionality in e-commerce platforms. Attackers can exploit unsecured Endeca search parameters to extract sensitive product information or perform denial of service attacks. The vulnerability stems from improper input validation in Endeca search implementations.