CVE-2015-9251

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2015-9251
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
http://seclists.org/fulldisclosure/2019/May/10
http://seclists.org/fulldisclosure/2019/May/11
http://seclists.org/fulldisclosure/2019/May/13
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch
http://www.securityfocus.com/bid/105658 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2020:0481
https://access.redhat.com/errata/RHSA-2020:0729
https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc Patch Third Party Advisory
https://github.com/jquery/jquery/issues/2432 Issue Tracking Patch Third Party Advisory
https://github.com/jquery/jquery/pull/2588 Issue Tracking Patch Third Party Advisory
https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2 Patch Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04 Third Party Advisory US Government Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
https://seclists.org/bugtraq/2019/May/18
https://security.netapp.com/advisory/ntap-20210108-0004/
https://snyk.io/vuln/npm:jquery:20150627 Patch Third Party Advisory
https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.tenable.com/security/tns-2019-08
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
http://seclists.org/fulldisclosure/2019/May/10
http://seclists.org/fulldisclosure/2019/May/11
http://seclists.org/fulldisclosure/2019/May/13
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch
http://www.securityfocus.com/bid/105658 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2020:0481
https://access.redhat.com/errata/RHSA-2020:0729
https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc Patch Third Party Advisory
https://github.com/jquery/jquery/issues/2432 Issue Tracking Patch Third Party Advisory
https://github.com/jquery/jquery/pull/2588 Issue Tracking Patch Third Party Advisory
https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2 Patch Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04 Third Party Advisory US Government Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
https://seclists.org/bugtraq/2019/May/18
https://security.netapp.com/advisory/ntap-20210108-0004/
https://snyk.io/vuln/npm:jquery:20150627 Patch Third Party Advisory
https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.tenable.com/security/tns-2019-08
Configurations

Configuration 1 (hide)

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*
History

21 Nov 2024, 02:40

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html - () http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html -
References () http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html - () http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html -
References () http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html - () http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html -
References () http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html - () http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html -
References () http://seclists.org/fulldisclosure/2019/May/10 - () http://seclists.org/fulldisclosure/2019/May/10 -
References () http://seclists.org/fulldisclosure/2019/May/11 - () http://seclists.org/fulldisclosure/2019/May/11 -
References () http://seclists.org/fulldisclosure/2019/May/13 - () http://seclists.org/fulldisclosure/2019/May/13 -
References () http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Patch () http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Patch
References () http://www.securityfocus.com/bid/105658 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/105658 - Third Party Advisory, VDB Entry
References () https://access.redhat.com/errata/RHSA-2020:0481 - () https://access.redhat.com/errata/RHSA-2020:0481 -
References () https://access.redhat.com/errata/RHSA-2020:0729 - () https://access.redhat.com/errata/RHSA-2020:0729 -
References () https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc - Patch, Third Party Advisory () https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc - Patch, Third Party Advisory
References () https://github.com/jquery/jquery/issues/2432 - Issue Tracking, Patch, Third Party Advisory () https://github.com/jquery/jquery/issues/2432 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/jquery/jquery/pull/2588 - Issue Tracking, Patch, Third Party Advisory () https://github.com/jquery/jquery/pull/2588 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2 - Patch, Third Party Advisory () https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2 - Patch, Third Party Advisory
References () https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04 - Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04 - Third Party Advisory, US Government Resource
References () https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 - () https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 -
References () https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E - () https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E -
References () https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E - () https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E -
References () https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E - () https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E -
References () https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E - () https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E -
References () https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E - () https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E -
References () https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E - () https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E -
References () https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E - () https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E -
References () https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E - () https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E -
References () https://seclists.org/bugtraq/2019/May/18 - () https://seclists.org/bugtraq/2019/May/18 -
References () https://security.netapp.com/advisory/ntap-20210108-0004/ - () https://security.netapp.com/advisory/ntap-20210108-0004/ -
References () https://snyk.io/vuln/npm:jquery:20150627 - Patch, Third Party Advisory () https://snyk.io/vuln/npm:jquery:20150627 - Patch, Third Party Advisory
References () https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf - Third Party Advisory () https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf - Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuapr2020.html - () https://www.oracle.com/security-alerts/cpuapr2020.html -
References () https://www.oracle.com/security-alerts/cpujan2020.html - () https://www.oracle.com/security-alerts/cpujan2020.html -
References () https://www.oracle.com/security-alerts/cpujul2020.html - () https://www.oracle.com/security-alerts/cpujul2020.html -
References () https://www.oracle.com/security-alerts/cpuoct2020.html - () https://www.oracle.com/security-alerts/cpuoct2020.html -
References () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch
References () https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html - Patch () https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html - Patch
References () https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - () https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html -
References () https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html - () https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html -
References () https://www.tenable.com/security/tns-2019-08 - () https://www.tenable.com/security/tns-2019-08 -

07 Nov 2023, 02:28

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E', 'name': '[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E', 'name': '[flink-user] 20190813 Apache flink 1.7.2 security issues', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E', 'name': '[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E', 'name': '[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E', 'name': '[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E', 'name': '[flink-user] 20190813 Re: Apache flink 1.7.2 security issues', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E', 'name': '[flink-dev] 20190811 Apache flink 1.7.2 security issues', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E', 'name': '[flink-user] 20190811 Apache flink 1.7.2 security issues', 'tags': [], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E -
  • () https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E -
  • () https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E -
  • () https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E -
  • () https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E -
  • () https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E -
  • () https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E -
  • () https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E -
Information

Published : 2018-01-18 23:29

Updated : 2024-11-21 02:40

NVD link : CVE-2015-9251

Mitre link : CVE-2015-9251

CVE.ORG link : CVE-2015-9251

JSON object : View

Products Affected

oracle

  • financial_services_analytical_applications_infrastructure
  • retail_workforce_management_software
  • communications_services_gatekeeper
  • financial_services_asset_liability_management
  • primavera_gateway
  • hospitality_cruise_fleet_management
  • peoplesoft_enterprise_peopletools
  • financial_services_data_integration_hub
  • banking_platform
  • retail_allocation
  • retail_sales_audit
  • primavera_unifier
  • communications_converged_application_server
  • utilities_framework
  • fusion_middleware_mapviewer
  • jdeveloper
  • healthcare_foundation
  • service_bus
  • financial_services_profitability_management
  • agile_product_lifecycle_management_for_process
  • endeca_information_discovery_studio
  • healthcare_translational_research
  • hospitality_reporting_and_analytics
  • oss_support_tools
  • financial_services_loan_loss_forecasting_and_provisioning
  • enterprise_operations_monitor
  • weblogic_server
  • financial_services_funds_transfer_pricing
  • insurance_insbridge_rating_and_underwriting
  • siebel_ui_framework
  • communications_interactive_session_recorder
  • financial_services_market_risk_measurement_and_management
  • financial_services_reconciliation_framework
  • communications_webrtc_session_controller
  • real-time_scheduler
  • retail_invoice_matching
  • financial_services_hedge_management_and_ifrs_valuations
  • enterprise_manager_ops_center
  • financial_services_liquidity_risk_management
  • webcenter_sites
  • business_process_management_suite
  • utilities_mobile_workforce_management
  • retail_customer_insights
  • hospitality_guest_access
  • jd_edwards_enterpriseone_tools
  • hospitality_materials_control

jquery

  • jquery
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024