4 matches found
Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & Reflected XSS product: Oracle Financial Services Analytical Applications vulnerable version: 7.3.5.x, 8.0.x fixed version: Oracle CPU January 2018 CVE number:...
CVE-2018-2660
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2018-2660
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2018-2660
CVE-2018-2660 affects Oracle Financial Services Analytical Applications Infrastructure (OFSAA) Core in 7.3.5.x and 8.0.x. The issue is an XML External Entity (XXE) injection via XML import, enabling a low-privilege, network-access attacker to read data and potentially cause partial DOS; exploit e...