Vulnerabilities > Oracle > Retail Merchandising System > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-02 | CVE-2019-17091 | Cross-site Scripting vulnerability in multiple products faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled. | 6.1 |
2019-01-16 | CVE-2018-3125 | Unspecified vulnerability in Oracle Retail Merchandising System 14.1 Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Security (SQL Logger)). | 6.5 |
2018-01-18 | CVE-2018-2730 | Unspecified vulnerability in Oracle Retail Merchandising System 16.0 Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar). | 6.4 |