Posted by SEC Consult Vulnerability Lab on Jul 16

SEC Consult Vulnerability Lab Security Advisory < 20150716-0 >
=======================================================================
title: Permanent Cross-Site Scripting
product: Oracle Application Express
vulnerable version: All versions prior to 4.2.3.00.08
fixed version: 4.2.3.00.08
CVE number: CVE-2015-2655
impact: high
homepage: https://apex.oracle.com/i/index.html…