faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J prior to 2.3.10 and Mojarra JavaServer Faces prior to 2.2.20, allows Reflected XSS because a client window field is mishandled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse mojarra |
||
oracle mojarra javaserver faces |
||
oracle application testing suite 13.2.0.1 |
||
oracle application testing suite 13.3.0.1 |
||
oracle banking enterprise product manufacturing 2.7.0 |
||
oracle banking enterprise product manufacturing 2.8.0 |
||
oracle communications diameter signaling router |
||
oracle communications network integrity 7.3.5 |
||
oracle communications network integrity 7.3.6 |
||
oracle communications unified inventory management 7.3.0 |
||
oracle communications unified inventory management 7.4.0 |
||
oracle enterprise data quality 12.2.1.3.0 |
||
oracle health sciences information manager 3.0 |
||
oracle healthcare data repository 7.0 |
||
oracle primavera p6 enterprise project portfolio management |
||
oracle primavera p6 enterprise project portfolio management 19.12.0.0 |
||
oracle rapid planning 12.1 |
||
oracle rapid planning 12.2 |
||
oracle retail advanced inventory planning 15.0 |
||
oracle retail advanced inventory planning 16.0 |
||
oracle retail assortment planning 16.0.3 |
||
oracle retail bulk data integration 16.0.3.0 |
||
oracle retail financial integration 15.0 |
||
oracle retail financial integration 16.0 |
||
oracle retail integration bus 15.0 |
||
oracle retail integration bus 16.0 |
||
oracle retail invoice matching 16.0 |
||
oracle retail merchandising system 16.0 |
||
oracle retail service backbone 15.0 |
||
oracle retail service backbone 16.0 |
||
oracle retail store inventory management 14.0.4 |
||
oracle retail store inventory management 14.1.3 |
||
oracle retail store inventory management 15.0.3 |
||
oracle retail store inventory management 16.0.3 |
||
oracle secure global desktop 5.4 |
||
oracle secure global desktop 5.5 |
||
oracle time and labor |