Oracle » Financial Services Asset Liability Management (Page 1)

6.1

CVE-2020-11022

Exploit

EPSS 22.55%
Published 29.04.2020 22:15:11
Last modified 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

7.1

CVE-2020-2939

EPSS 0.32%
Published 15.04.2020 14:15:36
Last modified 21.11.2024 05:26:41

Vulnerability in the Oracle Financial Services Asset Liability Management product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows...

6.1

CVE-2019-11358

Exploit

EPSS 2.4%
Published 20.04.2019 00:29:00
Last modified 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

6.1

CVE-2015-9251

EPSS 9.84%
Published 18.01.2018 23:29:00
Last modified 21.11.2024 02:40:09

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

8.1

CVE-2018-2723

EPSS 0.97%
Published 18.01.2018 02:29:25
Last modified 21.11.2024 04:04:19

Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability a...

6.1

CVE-2018-2692

EPSS 0.46%
Published 18.01.2018 02:29:23
Last modified 21.11.2024 04:04:15