4 matches found
CVE-2021-2462
Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce component: Commerce Service Center. Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Security Bulletin: IBM Event Streams is vulnerable to a cross-site request forgery due to the Axios component (CVE-2023-45857).
Summary IBM Event Streams is vulnerable to XSS vulnerability due to Axios component . Axios is a promise-based HTTP library that lets developers make requests to either their own or a third-party server to fetch data. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to...
PT-2024-4884 · Oracle · Oracle Commerce Platform
Name of the Vulnerable Software and Affected Versions: Oracle Commerce Platform versions 11.3.0 through 11.3.2 Description: The issue is related to insufficient input validation in the Oracle Commerce Platform, allowing an unauthenticated attacker with network access via HTTP to compromise the...
Oracle Commerce 输入验证错误漏洞
Oracle Commerce is a suite of e-business solutions from Oracle Corporation. An input validation error vulnerability exists in Oracle Commerce Service Center, which can be exploited by an unauthenticated attacker to compromise Oracle Commerce Service Center via HTTP web access.The following produc...