4 matches found
Oracle Application Express AnyChart Flash-Based XSS (CVE-2018-2699)
A vulnerability exists in Oracle Application Express. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Oracle Application Express AnyChart Flash-Based Cross Site Scripting Vulnerability
Oracle Application Express versions prior to 5.1.4.00.08 suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the "externalobjid" GET parameter is not properly sanitized before being passed to the...
Oracle Application Express AnyChart Flash-Based Cross Site Scripting
------------------------------------------------------------------------------------ Oracle Application Express AnyChart Flash-based Cross-Site Scripting Vulnerability ------------------------------------------------------------------------------------ - Software Link: https://apex.oracle.com/ -...
CVE-2018-2699
CVE-2018-2699 affects Oracle Database Server’s Application Express component (prior to 5.1.4.00.08). The vulnerability allows an unauthenticated, network-accessible attacker to compromise Application Express via HTTP, with impact including unauthorized update/insert/delete and read access to Appl...