CVE-2014-6522
Oracle JDeveloper ADF Faces goButton XSS (CVE-2014-6522) is described in the October 2014 CPU plugin as an XSS vulnerability in the ADF Faces subcomponent caused by improper encoding of URLs used as targets for the goButton. An unauthenticated, remote attacker can exploit this to execute arbitrar...