← Back

Retail Xstore Office Cloud Service

retail_xstore_office_cloud_service

Vendor: Oracle • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-13936
3Apache
DebianOracle
16Banking Deposits And Lines Of Credit Servicing
Banking Enterprise Default ManagementBanking Loans Servicing+13 more
Nov 21, 2024
Mar 10, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications t...Show more
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.Show less