Oracle: >> Siebel Ui Framework >> 21.2 Security Vulnerabilities
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
CVSS Score
3.7
EPSS Score
0.0
Published
2020-04-27
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVSS Score
6.1
EPSS Score
0.014
Published
2017-03-15
Page 2