Oracle

Retail Order Management System Cloud Service

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2020-11987

  • EPSS 0.63%
  • Published 24.02.2021 18:15:11
  • Last modified 21.11.2024 04:59:03

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arb...

7.5

CVE-2019-17566

  • EPSS 0.82%
  • Published 12.11.2020 18:15:12
  • Last modified 21.11.2024 04:32:32

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make ...

4.3

CVE-2016-0506

  • EPSS 0.32%
  • Published 21.01.2016 03:00:54
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle Retail Order Management System Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, 5.0, and 15.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry.