Description
The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23.
Remediation
References
Related Vulnerabilities
PHP Data Processing Errors Vulnerability (CVE-2015-4025)
WordPress Plugin Secure Copy Content Protection and Content Locking SQL Injection (2.6.6)
WordPress Plugin Official MailerLite Sign Up Forms Cross-Site Request Forgery (1.4.4)
WordPress Plugin Stock market charts from finviz Cross-Site Scripting (1.0)