Financial Services Data Integration Hub@8.0.6 Security Vulnerabilities and Issues — Financial Services Data Integration Hub@8.0.6 CVE List

Lucene search

OracleFinancial Services Data Integration Hub8.0.6

4 matches found

CVE•added 2020/04/29 10:15 p.m.•6922 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.05513EPSS

CVE•added 2020/12/11 2:15 a.m.•1322 views

CVE-2020-17530

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

9.8CVSS9.6AI score0.94395EPSS

CVE•added 2020/09/14 5:15 p.m.•407 views

CVE-2019-0230

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

9.8CVSS9.5AI score0.93849EPSS

CVE•added 2020/09/14 5:15 p.m.•128 views

CVE-2019-0233

An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.

7.5CVSS8.1AI score0.06858EPSS