Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:2 p.m.6 views

CVE-2021-2462

Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce component: Commerce Service Center. Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS5.5AI score0.00809EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/25 9:8 a.m.33 views

Security Bulletin: IBM Event Streams is vulnerable to a cross-site request forgery due to the Axios component (CVE-2023-45857).

Summary IBM Event Streams is vulnerable to XSS vulnerability due to Axios component . Axios is a promise-based HTTP library that lets developers make requests to either their own or a third-party server to fetch data. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to...

6.5CVSS6.4AI score0.00556EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.4 views

PT-2024-4884 · Oracle · Oracle Commerce Platform

Name of the Vulnerable Software and Affected Versions: Oracle Commerce Platform versions 11.3.0 through 11.3.2 Description: The issue is related to insufficient input validation in the Oracle Commerce Platform, allowing an unauthenticated attacker with network access via HTTP to compromise the...

4CVSS7AI score0.00347EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.4 views

Oracle Commerce 输入验证错误漏洞

Oracle Commerce is a suite of e-business solutions from Oracle Corporation. An input validation error vulnerability exists in Oracle Commerce Service Center, which can be exploited by an unauthenticated attacker to compromise Oracle Commerce Service Center via HTTP web access.The following produc...

6.1CVSS7.1AI score0.00809EPSS
Exploits0References3
Rows per page
Query Builder