3 matches found
Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & Reflected XSS product: Oracle Financial Services Analytical Applications vulnerable version: 7.3.5.x, 8.0.x fixed version: Oracle CPU January 2018 CVE number:...
CVE-2018-2661
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network...
CVE-2018-2661
CVE-2018-2661 is an XSS vulnerability in Oracle Financial Services Analytical Applications Infrastructure (OFSAA) Core subcomponent, affecting 7.3.5.x and 8.0.x. An unauthenticated attacker can leverage HTTP requests to inject and trigger client-side script via manipulated URLs, with user interac...