XML injection

XML injection issues occur when the data used to construct XML code, which may contain XML metacharacters, is not encoded properly. The Oracle InForm Adapter software handles this by using standard XML processing components that construct the XML documents. It is recommended that the client code also uses standard XML processing components to ensure that data is properly encoded. If XML is constructed manually, the developer should ensure that any untrusted data is properly encoded to prevent XML injection.