Weblogic Server@12.1.3.0 Security Vulnerabilities and Issues — Weblogic Server@12.1.3.0 CVE List

Lucene search

OracleWeblogic Server12.1.3.0

5 matches found

CVE•added 2018/01/18 11:29 p.m.•2410 views

CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

6.1CVSS6.3AI score0.11287EPSS

CVE•added 2018/05/11 8:29 p.m.•221 views

CVE-2018-1258

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

8.8CVSS9AI score0.00221EPSS

CVE•added 2019/01/16 7:30 p.m.•59 views

CVE-2019-2398

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Deployment). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Or...

4.3CVSS4.4AI score0.00222EPSS

CVE•added 2019/01/16 7:30 p.m.•55 views

CVE-2019-2452

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromis...

6.7CVSS6.9AI score0.00498EPSS

CVE•added 2019/01/16 7:30 p.m.•45 views

CVE-2019-2418

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromis...

6.8CVSS6.7AI score0.00659EPSS