Vulnerability Details CVE-2016-3436
Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Tasks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.6%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 4.3
References
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.securitytracker.com/id/1035603
- https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3436
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.securitytracker.com/id/1035603
- https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3436
Products affected by CVE-2016-3436
-
cpe:2.3:a:oracle:common_applications_calendar:12.1.1
-
cpe:2.3:a:oracle:common_applications_calendar:12.1.2
-
cpe:2.3:a:oracle:common_applications_calendar:12.1.3