Vulnerabilities > Oracle > Retail Customer Management AND Segmentation Foundation > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-29 CVE-2020-11022 In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 6.1
2020-01-15 CVE-2020-2650 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 16.0
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions).
network
low complexity
oracle
6.5
2020-01-15 CVE-2020-2648 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 16.0
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Internal Operations).
low complexity
oracle
6.2
2020-01-15 CVE-2020-2567 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 18.0
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Security).
network
low complexity
oracle
4.8
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-10-16 CVE-2019-2884 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 17.0
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment).
network
high complexity
oracle
5.9
2019-10-16 CVE-2019-2883 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 17.0
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment).
network
low complexity
oracle
4.6
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2018-07-18 CVE-2018-3053 Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 16.0.1/16.0.2/17.0.1
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Internal Operations).
network
low complexity
oracle
6.4