EUVD-2026-31002

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 11.3.0 before 11.3.7...

Drupal core 跨站脚本漏洞

Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Versions of Drupal Core prior to 11.3.0 and 11.3.7 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during web page generation, which cou...

CVE-2026-25783

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly validate User-Agent header tokens which allows an authenticated attacker to cause a request panic via a specially crafted User-Agent header. Mattermost Advisory ID: MMSA-2026-00586...

CVE-2022-21559

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle...

CVE-2025-21576

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Personalization Server. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2024-4884 · Oracle · Oracle Commerce Platform

Name of the Vulnerable Software and Affected Versions: Oracle Commerce Platform versions 11.3.0 through 11.3.2 Description: The issue is related to insufficient input validation in the Oracle Commerce Platform, allowing an unauthenticated attacker with network access via HTTP to compromise the...

PT-2023-10678 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab Community and Enterprise Edition versions 11.1.0 through 11.1.7 GitLab Community and Enterprise Edition versions 11.2.0 through 11.2.4 GitLab Community and Enterprise Edition versions 11.3.0 through 11.3.1 Description: An issue was...

CVE-2017-10098

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Easily exploitable vulnerability allows low privileg...

CVE-2017-3535

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2 and 12.0.3. Easily "exploitable" vulnerability allows unauthenticated attacker with...

CVE-2017-3481

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access via HT...

CVE-2017-3480

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 11.3.0, 11.4.0 and 12.0.1. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via...

CVE-2016-8302

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2016-8301

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2016-8299

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with...

CVE-2016-8305

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows physical access to compromise...

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00944)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...

CVE-2016-5594

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to INFRA...