Vulnerabilities > Oracle > Agile Product Lifecycle Management FOR Process > 6.2.1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2018-04-19	CVE-2018-2572	Unspecified vulnerability in Oracle Agile Product Lifecycle Management for Process 6.1.1.6/6.2.0.0/6.2.1.0 Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). network oracle	5.8
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.