📦 Application Express

by Oracle

🔍 What is Application Express?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-50067

CRITICAL CVSS 9.0 Jul 15, 2025

This vulnerability in Oracle Application Express allows low-privileged attackers with network access to compromise the system via HTTP, requiring human interaction from another person. Successful expl...

CVE-2021-37695

HIGH CVSS 7.3 Aug 13, 2021

CVE-2021-37695 is a cross-site scripting (XSS) vulnerability in CKEditor 4's Fake Objects plugin that allows attackers to inject malicious HTML that can execute JavaScript code in victims' browsers. I...

CVE-2021-32808

HIGH CVSS 7.6 Aug 12, 2021

CVE-2021-32808 is a cross-site scripting (XSS) vulnerability in CKEditor 4 that allows attackers to execute arbitrary JavaScript code by exploiting a flaw in the clipboard Widget plugin when used with...

CVE-2021-32723

HIGH CVSS 7.4 Jun 28, 2021

CVE-2021-32723 is a Regular Expression Denial of Service (ReDoS) vulnerability in Prism syntax highlighting library versions before 1.24.0. Attackers can craft malicious strings that cause excessive p...

CVE-2024-21261

MEDIUM CVSS 4.9 Oct 15, 2024

This vulnerability in Oracle Application Express allows authenticated attackers with network access to potentially modify or read some data within the application. It affects Oracle APEX versions 23.2...