OSA-36478788

Vulnerability in the Oracle Documaker product of Oracle Insurance Applications (component: Enterprise Edition (iTextPDF)). Supported versions that are affected are 12.6 and 12.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Documaker executes to compromise Oracle Documaker. Successful attacks of this vulnerability can result in takeover of Oracle Documaker. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).