Oracle Application Express AnyChart Flash-Based Cross Site Scripting Vulnerability
Oracle Application Express versions prior to 5.1.4.00.08 suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the "externalobjid" GET parameter is not properly sanitized before being passed to the...