Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-12	CVE-2020-13954	Cross-site Scripting vulnerability in multiple products By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. network low complexity apache netapp oracle CWE-79	6.1
2016-07-21	CVE-2016-3611	Unspecified vulnerability in Oracle Retail Order Broker Cloud Service 15.0 Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration. network low complexity oracle	5.4