Retail Order Management System Cloud Service Security Vulnerabilities and Issues — Retail Order Management System Cloud Service CVE List

Lucene search

OracleRetail Order Management System Cloud Service

3 matches found

CVE•added 2020/11/12 6:15 p.m.•254 views

CVE-2019-17566

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

7.5CVSS8.2AI score0.00815EPSS

CVE•added 2021/02/24 6:15 p.m.•212 views

CVE-2020-11987

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

8.2CVSS7.8AI score0.00247EPSS

CVE•added 2016/01/21 3:0 a.m.•29 views

CVE-2016-0506

Unspecified vulnerability in the Oracle Retail Order Management System Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, 5.0, and 15.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry.

4.3CVSS6.3AI score0.00321EPSS