[Original text] Oracle XSQL servlet 126.96.36.199 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.
Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution
Loss of Integrity
This host is running the Oracle XSQL servlet. This servlet allows arbitrary Java code to be executed by an attacker who supplies the URL of a malicious XSLT style sheet when making a request to an XSQL page.
Until Oracle changes the default behavior of the XSQL servlet to disallow client-supplied style sheets, you can work around this problem as follows: add allow-client-style='no' to the document element of every XSQL page on your server.
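The workaround only holds if every XSQL page on the host carries the attribute, so a quick audit is worth having. The following script is an added example, not code from the advisory or from Oracle: it parses XSQL pages and reports any whose document element lacks allow-client-style="no", and it flags request targets whose xml-stylesheet parameter points at another host. The sample pages and request lines are constructed; the connection and xmlns:xsql attributes follow the usual XSQL page layout, which is an assumption of this example.

```python
"""Audit XSQL pages for allow-client-style="no" and flag requests that carry an
external xml-stylesheet URL.  Added example; sample inputs are constructed."""
import xml.etree.ElementTree as ET
from pathlib import Path
from typing import Dict, List
from urllib.parse import parse_qs, urlsplit

# Constructed sample XSQL pages.  The connection/xmlns:xsql attributes are the
# usual XSQL page layout (an assumption here); only allow-client-style matters
# to the check.
HARDENED_PAGE = """<?xml version="1.0"?>
<page connection="demo" xmlns:xsql="urn:oracle-xsql" allow-client-style="no">
  <xsql:query>SELECT sysdate FROM dual</xsql:query>
</page>
"""

OPEN_PAGE = """<?xml version="1.0"?>
<page connection="demo" xmlns:xsql="urn:oracle-xsql">
  <xsql:query>SELECT sysdate FROM dual</xsql:query>
</page>
"""


def audit_xsql_page(source: str) -> List[str]:
    """Return findings for one XSQL page; an empty list means the workaround is in place."""
    try:
        root = ET.fromstring(source)
    except ET.ParseError as exc:
        # A page that does not parse cannot be shown to be protected, so report it.
        return [f"unparseable XML: {exc}"]
    value = root.attrib.get("allow-client-style")
    if value is None:
        return ["document element has no allow-client-style attribute; "
                "client-supplied style sheets are accepted by default"]
    if value.strip().lower() != "no":
        return [f"allow-client-style={value!r}; expected 'no'"]
    return []


def audit_directory(root_dir: str) -> Dict[str, List[str]]:
    """Audit every *.xsql file under root_dir; returns only the files with findings."""
    results: Dict[str, List[str]] = {}
    for path in Path(root_dir).rglob("*.xsql"):
        findings = audit_xsql_page(path.read_text(encoding="utf-8"))
        if findings:
            results[str(path)] = findings
    return results


def external_stylesheet(request_target: str) -> bool:
    """True when the request's xml-stylesheet parameter is an absolute URL to some host.

    The parameter name comes from the advisory; a relative style sheet name is not
    flagged, because it resolves on the server itself.
    """
    query = urlsplit(request_target).query
    for value in parse_qs(query).get("xml-stylesheet", []):
        parts = urlsplit(value)
        if parts.scheme and parts.netloc:
            return True
    return False


# Constructed request targets, as an access log would record them.
SAMPLE_REQUESTS = [
    "/xsql/demo/emp.xsql",
    "/xsql/demo/emp.xsql?xml-stylesheet=emp.xsl",
    "/xsql/demo/emp.xsql?xml-stylesheet=http://other-host.example/remote.xsl",
]


def suspicious_requests(lines: List[str]) -> List[str]:
    """Filter request targets down to those naming an external style sheet."""
    return [line for line in lines if external_stylesheet(line)]


if __name__ == "__main__":
    print("hardened page:", audit_xsql_page(HARDENED_PAGE) or "ok")
    print("open page:", audit_xsql_page(OPEN_PAGE))
    print("flagged requests:", suspicious_requests(SAMPLE_REQUESTS))
```

Run audit_directory against the document root that holds your XSQL pages; any file it lists still accepts a client-supplied style sheet. The request check is a coarse detection aid: it tells you that someone asked the servlet to fetch a style sheet from elsewhere, not whether the page in question was protected, so pair it with the file audit rather than relying on it alone.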