A vulnerability classified as critical was found in Oracle Retail Xstore Point of Service 16.0.6/17.0.4/18.0.3/19.0.2 (Warehouse Management System Software). Affected by this vulnerability is some unknown processing of the component jackson-databind. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.