CVE-2016-3536

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.1.1 through 12.1.3

Description The issue affects confidentiality and integrity, and it is related to the Deliverables in the Oracle Marketing component. There are claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For Oracle E-Business Suite versions 12.1.1 through 12.1.3, apply the July 2016 CPU patch to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.