My Oracle Support Banner

Security Vulnerabilities in Yahoo User Interface (YUI) 3.0 (Doc ID 2332608.1)

Last updated on MARCH 01, 2019

Applies to:

Oracle Financial Services Revenue Management and Billing - Version and later
Oracle Utilities Framework - Version and later
Information in this document applies to any platform.


A vulnerable component(s) (e.g., framework libraries) was identified within the application's code base. An attacker can potentially identify vulnerable components through scanning or manual analysis. Potential exploitation of this component(s) can leverage attacks such as injection, broken access control, XSS, denial of service, etc. The impact can range from minimal to complete host takeover and data compromise.
Affected Hosts/URLs:
Resolved Hosts/URLs:
Copyright (c) 2011, Yahoo! Inc. All rights reserved.
Code licensed under the BSD License:
version: 2.9.0
The vulnerability is affecting all versions prior 3.10.3 (between * and 3.10.3). Additional details can be found at


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.