Oracle Financial Services Data Foundation 8.0.9

CPE Details

Oracle Financial Services Data Foundation 8.0.9
oracle
financial_services_data_foundation
8.0.9
2020-04-23
15h23 +00:00
2020-04-23
15h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:financial_services_data_foundation:8.0.9:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

financial_services_data_foundation

Version

8.0.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-11022 2020-04-28 22h00 +00:00 In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
6.9
Medium
CVE-2020-2964 2020-04-15 11h29 +00:00 Vulnerability in the Oracle Financial Services Data Foundation product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 - 8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Data Foundation. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Data Foundation accessible data as well as unauthorized read access to a subset of Oracle Financial Services Data Foundation accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).
7.1
High