Oracle: >> Siebel Ui Framework >> 18.10 Security Vulnerabilities
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
CVSS Score
9.8
EPSS Score
0.147
Published
2019-01-02
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
CVSS Score
6.1
EPSS Score
0.024
Published
2018-08-02
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVSS Score
6.1
EPSS Score
0.086
Published
2018-01-18
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVSS Score
6.1
EPSS Score
0.014
Published
2017-03-15
Page 4