Oracle CTI Web Service XML Entity Injection

An XML External Entity Injection vulnerability exists in Oracle CTI Web Service. Successful exploitation of this vulnerability could result in Denial of Service.

You can read the full article here.