Scripting

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-21943 MEDIUM This Month

Reflected cross-site scripting in Oracle E-Business Suite Scripting Admin (versions 12.2.3-12.2.15) allows unauthenticated attackers to modify or read sensitive data via malicious HTTP requests that require user interaction. The vulnerability can impact other Oracle products due to scope changes and currently lacks an available patch. CVSS 6.1 (Medium) reflects low-complexity network-based exploitation with confidentiality and integrity impacts.

Oracle Scripting

NVD

CVSS 3.1

6.1

EPSS

0.0%

CVE-2026-21943

EPSS 0% CVSS 6.1

MEDIUM This Month

Reflected cross-site scripting in Oracle E-Business Suite Scripting Admin (versions 12.2.3-12.2.15) allows unauthenticated attackers to modify or read sensitive data via malicious HTTP requests that require user interaction. The vulnerability can impact other Oracle products due to scope changes and currently lacks an available patch. CVSS 6.1 (Medium) reflects low-complexity network-based exploitation with confidentiality and integrity impacts.

Oracle Scripting

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy