Oracle E-Business Suite Frame Injection (CVE-2017-3528)
Description
Oracle EBS "Popup windows" subcomponent allows a remote attacker to control the source of the frame. It can be used for phishing attacks.
Remediation
Upgrade to the latest version of Oracle E-Business Suite