CVE-2015-9251

jquery: Cross-site scripting via cross-domain ajax requests

Severity Score

6.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

jQuery en versiones anteriores a la 3.0.0 es vulnerable a ataques de Cross-site Scripting (XSS) cuando se realiza una petición Ajax de dominios cruzados sin la opción dataType. Esto provoca que se ejecuten respuestas de texto/javascript.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-01-18 CVE Reserved
2018-01-18 CVE Published
2019-01-31 First Exploit
2023-09-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (41)

URL	Tag	Source
http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html	X_refsource_misc
http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html	X_refsource_misc
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html	X_refsource_misc
http://seclists.org/fulldisclosure/2019/May/10	Mailing List
http://seclists.org/fulldisclosure/2019/May/11	Mailing List
http://seclists.org/fulldisclosure/2019/May/13	Mailing List
http://www.securityfocus.com/bid/105658	Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04	Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	X_refsource_confirm
https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E	Mailing List
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E	Mailing List
https://seclists.org/bugtraq/2019/May/18	Mailing List
https://security.netapp.com/advisory/ntap-20210108-0004	X_refsource_confirm
https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html	X_refsource_misc
https://www.oracle.com/security-alerts/cpujan2020.html	X_refsource_misc
https://www.oracle.com/security-alerts/cpujul2020.html	X_refsource_misc
https://www.oracle.com/security-alerts/cpuoct2020.html	X_refsource_misc
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	X_refsource_misc
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	X_refsource_misc
https://www.tenable.com/security/tns-2019-08	X_refsource_confirm

URL	Date	SRC
https://github.com/halkichi0308/CVE-2015-9251	2019-01-31

URL	Date	SRC
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	2023-11-07
https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc	2023-11-07
https://github.com/jquery/jquery/issues/2432	2023-11-07
https://github.com/jquery/jquery/pull/2588	2023-11-07
https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2	2023-11-07
https://snyk.io/vuln/npm:jquery:20150627	2023-11-07
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	2023-11-07
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	2023-11-07

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html	2023-11-07
https://access.redhat.com/errata/RHSA-2020:0481	2023-11-07
https://access.redhat.com/errata/RHSA-2020:0729	2023-11-07
https://access.redhat.com/security/cve/CVE-2015-9251	2023-01-31
https://bugzilla.redhat.com/show_bug.cgi?id=1399546	2023-01-31

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Jquery Search vendor "Jquery"		Jquery Search vendor "Jquery" for product "Jquery"				< 3.0.0 Search vendor "Jquery" for product "Jquery" and version " < 3.0.0"		-		Affected
Oracle Search vendor "Oracle"		Agile Product Lifecycle Management For Process Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process"				6.2.0.0 Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process" and version "6.2.0.0"		-		Affected
Oracle Search vendor "Oracle"		Agile Product Lifecycle Management For Process Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process"				6.2.1.0 Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process" and version "6.2.1.0"		-		Affected
Oracle Search vendor "Oracle"		Agile Product Lifecycle Management For Process Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process"				6.2.2.0 Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process" and version "6.2.2.0"		-		Affected
Oracle Search vendor "Oracle"		Agile Product Lifecycle Management For Process Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process"				6.2.3.0 Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process" and version "6.2.3.0"		-		Affected
Oracle Search vendor "Oracle"		Agile Product Lifecycle Management For Process Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process"				6.2.3.1 Search vendor "Oracle" for product "Agile Product Lifecycle Management For Process" and version "6.2.3.1"		-		Affected
Oracle Search vendor "Oracle"		Banking Platform Search vendor "Oracle" for product "Banking Platform"				2.6.0 Search vendor "Oracle" for product "Banking Platform" and version "2.6.0"		-		Affected
Oracle Search vendor "Oracle"		Banking Platform Search vendor "Oracle" for product "Banking Platform"				2.6.1 Search vendor "Oracle" for product "Banking Platform" and version "2.6.1"		-		Affected
Oracle Search vendor "Oracle"		Banking Platform Search vendor "Oracle" for product "Banking Platform"				2.6.2 Search vendor "Oracle" for product "Banking Platform" and version "2.6.2"		-		Affected
Oracle Search vendor "Oracle"		Business Process Management Suite Search vendor "Oracle" for product "Business Process Management Suite"				11.1.1.9.0 Search vendor "Oracle" for product "Business Process Management Suite" and version "11.1.1.9.0"		-		Affected
Oracle Search vendor "Oracle"		Business Process Management Suite Search vendor "Oracle" for product "Business Process Management Suite"				12.1.3.0.0 Search vendor "Oracle" for product "Business Process Management Suite" and version "12.1.3.0.0"		-		Affected
Oracle Search vendor "Oracle"		Business Process Management Suite Search vendor "Oracle" for product "Business Process Management Suite"				12.2.1.3.0 Search vendor "Oracle" for product "Business Process Management Suite" and version "12.2.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Communications Converged Application Server Search vendor "Oracle" for product "Communications Converged Application Server"				< 7.0.0.1 Search vendor "Oracle" for product "Communications Converged Application Server" and version " < 7.0.0.1"		-		Affected
Oracle Search vendor "Oracle"		Communications Interactive Session Recorder Search vendor "Oracle" for product "Communications Interactive Session Recorder"				6.0 Search vendor "Oracle" for product "Communications Interactive Session Recorder" and version "6.0"		-		Affected
Oracle Search vendor "Oracle"		Communications Interactive Session Recorder Search vendor "Oracle" for product "Communications Interactive Session Recorder"				6.1 Search vendor "Oracle" for product "Communications Interactive Session Recorder" and version "6.1"		-		Affected
Oracle Search vendor "Oracle"		Communications Interactive Session Recorder Search vendor "Oracle" for product "Communications Interactive Session Recorder"				6.2 Search vendor "Oracle" for product "Communications Interactive Session Recorder" and version "6.2"		-		Affected
Oracle Search vendor "Oracle"		Communications Services Gatekeeper Search vendor "Oracle" for product "Communications Services Gatekeeper"				< 6.1.0.4.0 Search vendor "Oracle" for product "Communications Services Gatekeeper" and version " < 6.1.0.4.0"		-		Affected
Oracle Search vendor "Oracle"		Communications Webrtc Session Controller Search vendor "Oracle" for product "Communications Webrtc Session Controller"				< 7.2 Search vendor "Oracle" for product "Communications Webrtc Session Controller" and version " < 7.2"		-		Affected
Oracle Search vendor "Oracle"		Endeca Information Discovery Studio Search vendor "Oracle" for product "Endeca Information Discovery Studio"				3.1.0 Search vendor "Oracle" for product "Endeca Information Discovery Studio" and version "3.1.0"		-		Affected
Oracle Search vendor "Oracle"		Endeca Information Discovery Studio Search vendor "Oracle" for product "Endeca Information Discovery Studio"				3.2.0 Search vendor "Oracle" for product "Endeca Information Discovery Studio" and version "3.2.0"		-		Affected
Oracle Search vendor "Oracle"		Enterprise Manager Ops Center Search vendor "Oracle" for product "Enterprise Manager Ops Center"				12.2.2 Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.2.2"		-		Affected
Oracle Search vendor "Oracle"		Enterprise Manager Ops Center Search vendor "Oracle" for product "Enterprise Manager Ops Center"				12.3.3 Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.3.3"		-		Affected
Oracle Search vendor "Oracle"		Enterprise Operations Monitor Search vendor "Oracle" for product "Enterprise Operations Monitor"				3.4 Search vendor "Oracle" for product "Enterprise Operations Monitor" and version "3.4"		-		Affected
Oracle Search vendor "Oracle"		Enterprise Operations Monitor Search vendor "Oracle" for product "Enterprise Operations Monitor"				4.0 Search vendor "Oracle" for product "Enterprise Operations Monitor" and version "4.0"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Analytical Applications Infrastructure Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure"				>= 7.3.3 <= 7.3.5 Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure" and version " >= 7.3.3 <= 7.3.5"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Analytical Applications Infrastructure Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure"				>= 8.0.0 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Analytical Applications Infrastructure" and version " >= 8.0.0 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Asset Liability Management Search vendor "Oracle" for product "Financial Services Asset Liability Management"				>= 8.0.4 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Asset Liability Management" and version " >= 8.0.4 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Data Integration Hub Search vendor "Oracle" for product "Financial Services Data Integration Hub"				>= 8.0.5 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Data Integration Hub" and version " >= 8.0.5 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Funds Transfer Pricing Search vendor "Oracle" for product "Financial Services Funds Transfer Pricing"				>= 8.0.4 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Funds Transfer Pricing" and version " >= 8.0.4 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Hedge Management And Ifrs Valuations Search vendor "Oracle" for product "Financial Services Hedge Management And Ifrs Valuations"				>= 8.0.4 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Hedge Management And Ifrs Valuations" and version " >= 8.0.4 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Liquidity Risk Management Search vendor "Oracle" for product "Financial Services Liquidity Risk Management"				>= 8.0.2 <= 8.0.6 Search vendor "Oracle" for product "Financial Services Liquidity Risk Management" and version " >= 8.0.2 <= 8.0.6"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Loan Loss Forecasting And Provisioning Search vendor "Oracle" for product "Financial Services Loan Loss Forecasting And Provisioning"				>= 8.0.2 <= 8.0.7 Search vendor "Oracle" for product "Financial Services Loan Loss Forecasting And Provisioning" and version " >= 8.0.2 <= 8.0.7"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Market Risk Measurement And Management Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management"				8.0.5 Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management" and version "8.0.5"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Market Risk Measurement And Management Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management"				8.0.6 Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management" and version "8.0.6"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Profitability Management Search vendor "Oracle" for product "Financial Services Profitability Management"				>= 8.0.4 <= 8.0.6 Search vendor "Oracle" for product "Financial Services Profitability Management" and version " >= 8.0.4 <= 8.0.6"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Reconciliation Framework Search vendor "Oracle" for product "Financial Services Reconciliation Framework"				8.0.5 Search vendor "Oracle" for product "Financial Services Reconciliation Framework" and version "8.0.5"		-		Affected
Oracle Search vendor "Oracle"		Financial Services Reconciliation Framework Search vendor "Oracle" for product "Financial Services Reconciliation Framework"				8.0.6 Search vendor "Oracle" for product "Financial Services Reconciliation Framework" and version "8.0.6"		-		Affected
Oracle Search vendor "Oracle"		Fusion Middleware Mapviewer Search vendor "Oracle" for product "Fusion Middleware Mapviewer"				12.2.1.3.0 Search vendor "Oracle" for product "Fusion Middleware Mapviewer" and version "12.2.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Healthcare Foundation Search vendor "Oracle" for product "Healthcare Foundation"				7.1 Search vendor "Oracle" for product "Healthcare Foundation" and version "7.1"		-		Affected
Oracle Search vendor "Oracle"		Healthcare Foundation Search vendor "Oracle" for product "Healthcare Foundation"				7.2 Search vendor "Oracle" for product "Healthcare Foundation" and version "7.2"		-		Affected
Oracle Search vendor "Oracle"		Healthcare Translational Research Search vendor "Oracle" for product "Healthcare Translational Research"				3.1.0 Search vendor "Oracle" for product "Healthcare Translational Research" and version "3.1.0"		-		Affected
Oracle Search vendor "Oracle"		Hospitality Cruise Fleet Management Search vendor "Oracle" for product "Hospitality Cruise Fleet Management"				9.0.11 Search vendor "Oracle" for product "Hospitality Cruise Fleet Management" and version "9.0.11"		-		Affected
Oracle Search vendor "Oracle"		Hospitality Guest Access Search vendor "Oracle" for product "Hospitality Guest Access"				4.2.0 Search vendor "Oracle" for product "Hospitality Guest Access" and version "4.2.0"		-		Affected
Oracle Search vendor "Oracle"		Hospitality Guest Access Search vendor "Oracle" for product "Hospitality Guest Access"				4.2.1 Search vendor "Oracle" for product "Hospitality Guest Access" and version "4.2.1"		-		Affected
Oracle Search vendor "Oracle"		Hospitality Materials Control Search vendor "Oracle" for product "Hospitality Materials Control"				18.1 Search vendor "Oracle" for product "Hospitality Materials Control" and version "18.1"		-		Affected
Oracle Search vendor "Oracle"		Hospitality Reporting And Analytics Search vendor "Oracle" for product "Hospitality Reporting And Analytics"				9.1.0 Search vendor "Oracle" for product "Hospitality Reporting And Analytics" and version "9.1.0"		-		Affected
Oracle Search vendor "Oracle"		Insurance Insbridge Rating And Underwriting Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting"				5.2 Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting" and version "5.2"		-		Affected
Oracle Search vendor "Oracle"		Insurance Insbridge Rating And Underwriting Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting"				5.4 Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting" and version "5.4"		-		Affected
Oracle Search vendor "Oracle"		Insurance Insbridge Rating And Underwriting Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting"				5.5 Search vendor "Oracle" for product "Insurance Insbridge Rating And Underwriting" and version "5.5"		-		Affected
Oracle Search vendor "Oracle"		Jd Edwards Enterpriseone Tools Search vendor "Oracle" for product "Jd Edwards Enterpriseone Tools"				9.2 Search vendor "Oracle" for product "Jd Edwards Enterpriseone Tools" and version "9.2"		-		Affected
Oracle Search vendor "Oracle"		Jdeveloper Search vendor "Oracle" for product "Jdeveloper"				11.1.1.9.0 Search vendor "Oracle" for product "Jdeveloper" and version "11.1.1.9.0"		-		Affected
Oracle Search vendor "Oracle"		Jdeveloper Search vendor "Oracle" for product "Jdeveloper"				12.1.3.0.0 Search vendor "Oracle" for product "Jdeveloper" and version "12.1.3.0.0"		-		Affected
Oracle Search vendor "Oracle"		Jdeveloper Search vendor "Oracle" for product "Jdeveloper"				12.2.1.3.0 Search vendor "Oracle" for product "Jdeveloper" and version "12.2.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Oss Support Tools Search vendor "Oracle" for product "Oss Support Tools"				19.1 Search vendor "Oracle" for product "Oss Support Tools" and version "19.1"		-		Affected
Oracle Search vendor "Oracle"		Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"				8.55 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.55"		-		Affected
Oracle Search vendor "Oracle"		Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"				8.56 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.56"		-		Affected
Oracle Search vendor "Oracle"		Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools"				8.57 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.57"		-		Affected
Oracle Search vendor "Oracle"		Primavera Gateway Search vendor "Oracle" for product "Primavera Gateway"				15.2 Search vendor "Oracle" for product "Primavera Gateway" and version "15.2"		-		Affected
Oracle Search vendor "Oracle"		Primavera Gateway Search vendor "Oracle" for product "Primavera Gateway"				16.2 Search vendor "Oracle" for product "Primavera Gateway" and version "16.2"		-		Affected
Oracle Search vendor "Oracle"		Primavera Gateway Search vendor "Oracle" for product "Primavera Gateway"				17.12 Search vendor "Oracle" for product "Primavera Gateway" and version "17.12"		-		Affected
Oracle Search vendor "Oracle"		Primavera Unifier Search vendor "Oracle" for product "Primavera Unifier"				>= 17.1 <= 17.12 Search vendor "Oracle" for product "Primavera Unifier" and version " >= 17.1 <= 17.12"		-		Affected
Oracle Search vendor "Oracle"		Primavera Unifier Search vendor "Oracle" for product "Primavera Unifier"				16.1 Search vendor "Oracle" for product "Primavera Unifier" and version "16.1"		-		Affected
Oracle Search vendor "Oracle"		Primavera Unifier Search vendor "Oracle" for product "Primavera Unifier"				16.2 Search vendor "Oracle" for product "Primavera Unifier" and version "16.2"		-		Affected
Oracle Search vendor "Oracle"		Primavera Unifier Search vendor "Oracle" for product "Primavera Unifier"				18.8 Search vendor "Oracle" for product "Primavera Unifier" and version "18.8"		-		Affected
Oracle Search vendor "Oracle"		Real-time Scheduler Search vendor "Oracle" for product "Real-time Scheduler"				2.3.0 Search vendor "Oracle" for product "Real-time Scheduler" and version "2.3.0"		-		Affected
Oracle Search vendor "Oracle"		Retail Allocation Search vendor "Oracle" for product "Retail Allocation"				15.0.2 Search vendor "Oracle" for product "Retail Allocation" and version "15.0.2"		-		Affected
Oracle Search vendor "Oracle"		Retail Customer Insights Search vendor "Oracle" for product "Retail Customer Insights"				15.0 Search vendor "Oracle" for product "Retail Customer Insights" and version "15.0"		-		Affected
Oracle Search vendor "Oracle"		Retail Customer Insights Search vendor "Oracle" for product "Retail Customer Insights"				16.0 Search vendor "Oracle" for product "Retail Customer Insights" and version "16.0"		-		Affected
Oracle Search vendor "Oracle"		Retail Invoice Matching Search vendor "Oracle" for product "Retail Invoice Matching"				15.0 Search vendor "Oracle" for product "Retail Invoice Matching" and version "15.0"		-		Affected
Oracle Search vendor "Oracle"		Retail Sales Audit Search vendor "Oracle" for product "Retail Sales Audit"				15.0 Search vendor "Oracle" for product "Retail Sales Audit" and version "15.0"		-		Affected
Oracle Search vendor "Oracle"		Retail Workforce Management Software Search vendor "Oracle" for product "Retail Workforce Management Software"				1.60.9 Search vendor "Oracle" for product "Retail Workforce Management Software" and version "1.60.9"		-		Affected
Oracle Search vendor "Oracle"		Retail Workforce Management Software Search vendor "Oracle" for product "Retail Workforce Management Software"				1.64.0 Search vendor "Oracle" for product "Retail Workforce Management Software" and version "1.64.0"		-		Affected
Oracle Search vendor "Oracle"		Service Bus Search vendor "Oracle" for product "Service Bus"				12.1.3.0.0 Search vendor "Oracle" for product "Service Bus" and version "12.1.3.0.0"		-		Affected
Oracle Search vendor "Oracle"		Service Bus Search vendor "Oracle" for product "Service Bus"				12.2.1.3.0 Search vendor "Oracle" for product "Service Bus" and version "12.2.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Siebel Ui Framework Search vendor "Oracle" for product "Siebel Ui Framework"				18.10 Search vendor "Oracle" for product "Siebel Ui Framework" and version "18.10"		-		Affected
Oracle Search vendor "Oracle"		Siebel Ui Framework Search vendor "Oracle" for product "Siebel Ui Framework"				18.11 Search vendor "Oracle" for product "Siebel Ui Framework" and version "18.11"		-		Affected
Oracle Search vendor "Oracle"		Utilities Framework Search vendor "Oracle" for product "Utilities Framework"				>= 4.3.0.1 <= 4.3.0.4 Search vendor "Oracle" for product "Utilities Framework" and version " >= 4.3.0.1 <= 4.3.0.4"		-		Affected
Oracle Search vendor "Oracle"		Utilities Mobile Workforce Management Search vendor "Oracle" for product "Utilities Mobile Workforce Management"				2.3.0 Search vendor "Oracle" for product "Utilities Mobile Workforce Management" and version "2.3.0"		-		Affected
Oracle Search vendor "Oracle"		Webcenter Sites Search vendor "Oracle" for product "Webcenter Sites"				11.1.1.8.0 Search vendor "Oracle" for product "Webcenter Sites" and version "11.1.1.8.0"		-		Affected
Oracle Search vendor "Oracle"		Weblogic Server Search vendor "Oracle" for product "Weblogic Server"				12.1.3.0 Search vendor "Oracle" for product "Weblogic Server" and version "12.1.3.0"		-		Affected
Oracle Search vendor "Oracle"		Weblogic Server Search vendor "Oracle" for product "Weblogic Server"				12.2.1.3 Search vendor "Oracle" for product "Weblogic Server" and version "12.2.1.3"		-		Affected