|CVE Description||CVSSv2 Base Score||Component||Product and Resolution|
|CVE-2011-2522 Cross-Site Request Forgery (CSRF) vulnerability ||6.8 ||Samba || |
|CVE-2011-2694 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability ||2.6 |
This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.
Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.