Matias Mevied

**Name of the Vulnerable Software and Affected Versions** Oracle Supply Chain Products Suite versions 12.0.6 through 12.2 **Description** The issue affects confidentiality and integrity, and it is related to JRAD Heartbeat. There are claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via three unspecified parameters in an unknown JSP file. **Recommendations** For Oracle Supply Chain Products Suite versions 12.0.6 through 12.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects the availability of the system, related to Monitoring and Diagnostics SEC in the JD Edwards EnterpriseOne Tools component. **Recommendations** For Oracle JD Edwards Products versions 9.1 through 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects the availability of the system. It is related to the Enterprise Infrastructure SEC in the JD Edwards EnterpriseOne Tools component. **Recommendations** For versions 9.1 and 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects the availability of the system, related to Monitoring and Diagnostics. Details about the vectors used for exploitation are not specified. **Recommendations** For Oracle JD Edwards Products versions 9.1 through 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects the availability of the system, related to Enterprise Infrastructure SEC. **Recommendations** For Oracle JD Edwards Products versions 9.1 through 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects confidentiality, integrity, and availability. It is related to Monitoring and Diagnostics in the JD Edwards EnterpriseOne Tools component. The exact nature of the vulnerability and the vectors involved are not specified. **Recommendations** For versions 9.1 through 9.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oracle JD Edwards Products versions 9.1 through 9.2 **Description** The issue affects confidentiality, integrity, and availability. It is related to the Enterprise Infrastructure SEC in the JD Edwards EnterpriseOne Tools component. **Recommendations** For versions 9.1 through 9.2, at the moment, there is no information about a newer version that contains a fix for this issue.