Vulnerabilities > Oracle > Retail Back Office > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-06 | CVE-2018-1271 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. | 5.9 |
| 2017-10-19 | CVE-2017-10423 | Unspecified vulnerability in Oracle Retail Back Office Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). | 5.4 |