VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Financial Services Data Foundation
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-04-29
CVE-2020-11022
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
network
low complexity
jquery
drupal
debian
fedoraproject
oracle
netapp
opensuse
tenable
6.1
6.1
2019-04-20
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution.
network
low complexity
jquery
debian
drupal
backdropcms
fedoraproject
opensuse
netapp
redhat
oracle
joomla
juniper
6.1
6.1