Vulnerabilities > Oracle > Financial Services Loan Loss Forecasting AND Provisioning > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-15	CVE-2020-14692	Unspecified vulnerability in Oracle Financial Services Loan Loss Forecasting and Provisioning 8.0.6/8.0.7/8.0.8 Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning product of Oracle Financial Services Applications (component: User Interface). network low complexity oracle	6.5
2020-04-29	CVE-2020-11022	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery drupal debian fedoraproject oracle netapp opensuse tenable CWE-79	6.1
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2018-2712	Unspecified vulnerability in Oracle Financial Services Loan Loss Forecasting and Provisioning 8.0.5.0.0 Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponent: User Interface). network low complexity oracle	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.