Vulnerabilities > Oracle > Retail Merchandising System > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-10-02 CVE-2019-17091 Cross-site Scripting vulnerability in multiple products
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
network
low complexity
eclipse oracle CWE-79
6.1
2019-01-16 CVE-2018-3125 Unspecified vulnerability in Oracle Retail Merchandising System 14.1
Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Security (SQL Logger)).
network
low complexity
oracle
6.5
2018-01-18 CVE-2018-2730 Unspecified vulnerability in Oracle Retail Merchandising System 16.0
Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar).
network
low complexity
oracle
6.4