Oracle E-Business Suite SQL Injection (CVE-2019-2633; CVE-2019-2638)

An SQL vulnerability exists in the Work In Process component of Oracle E-Business Suite. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements with the privileges of the APPS database user.

You can read the full article here.