CVE-2006-7158
Oracle Application Express (APEX/HTMLDB) prior to version 2.2.1 is affected by a cross-site scripting (XSS) vulnerability in the NOTIFICATION_MSG parameter in the APEX UI. The issue allows remote attackers to inject arbitrary web script or HTML. The root cause is insufficient input handling for t...