BI Publisher product of Oracle Fusion Middleware versions 184.108.40.206.0 Information Exposure Vulnerability
Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 220.127.116.11.0, 18.104.22.168.0 and 22.214.171.124.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher).
The information has been provided by Ehsan Nikavar
The original article can be found at: http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Successful attacks of this vulnerability can result in unauthorized read access to a subset of BI Publisher (formerly XML Publisher) accessible data.
Oracle Fusion Middleware versions 126.96.36.199.0
Oracle Fusion Middleware versions 188.8.131.52.0
Oracle Fusion Middleware versions 184.108.40.206.0