Oracle.E-Business.Suite.Business.SQL.Injection
Description
Oracle E-Business Suite Business has an SQL-injection vulnerability. A remote attacker could execute arbitrary SQL commands in the back-end database via a specially-crafted HTTP request to the the APPS.ICXSUPWF.DisplayContacts package.
Affected Products
Oracle E-Business Suite.
Impact
SQL injection.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
http://www.oracle.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |