This article describes how to standardize your JDeveloper Installation as requested in Planning & Getting Started – Team, Skills and Development Environments.
It is kinda nutty to treat a code injection attack on a base utility on the utility rather than on the poorly-programmed vectors.
I just published a maintenance release of PL-jrxml2pdf with some bugfixes.
Dynamic SQL by itself is not sufficient for a SQL Injection Attack
Facing a particularly difficult problem, we must resist the urge to flee to our favorite toolset.