Vulnerability Details CVE-2016-3439
Unspecified vulnerability in the Oracle CRM Wireless component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Call Phone Number Page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.6%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 4.3
References
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.securitytracker.com/id/1035603
- https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3439
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.securitytracker.com/id/1035603
- https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3439
Products affected by CVE-2016-3439
-
cpe:2.3:a:oracle:crm_technical_foundation:12.1.3