Vulnerabilities > Oracle > Financial Services Data Integration HUB > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-11 | CVE-2020-17530 | Expression Language Injection vulnerability in multiple products Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 9.8 |
2020-09-14 | CVE-2019-0230 | Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 9.8 |