Vulnerabilities > Oracle > Iplanet WEB Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-10 | CVE-2020-9314 | Cross-site Scripting vulnerability in Oracle Iplanet web Server 7.0/7.0.27 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. | 4.8 |
| 2017-10-19 | CVE-2017-10055 | Unspecified vulnerability in Oracle Iplanet web Server 7.0 Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware (subcomponent: Admin Graphical User Interface). | 6.1 |