CVE-2016-3532

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.1.1 through 12.1.3

Description The issue affects confidentiality and integrity, and it is related to SDK client integration. There are claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For Oracle E-Business Suite versions 12.1.1 through 12.1.3, update to a version that addresses the SDK client integration issue to prevent remote attackers from affecting confidentiality and integrity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.