Oracle Enterprise Manager Multiple Vulnerabilities
CVE-2011-0876
Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), POST/GET request equivalence and SQL query execution vulnerabilities have been discovered in the latest version of Oracle Enterprise Manager (as of January 2010).