Performance Scorecard scripting enables extensive application customizations. However, this flexibility is a potential avenue of attack for those wishing to compromise the system. To ensure the security of your applications, Oracle strongly recommends that you disable scripting by removing jython.jar from HPSWebReports\WEB-INF\lib. Note the following:
If you upgraded to this release, delete jython.jar after starting the application for the first time.
To later upgrade another database, restore jython.jar before the upgrade, and delete it after starting the application for the first time.