Cross-Site Scripting Vulnerability in PeopleSoft Enterprise SCM by Oracle
CVE-2015-0485

Currently unrated

Key Information:

Vendor: Oracle
Status: Peoplesoft Products
Vendor: CVE Published:; 16 April 2015

What is CVE-2015-0485?

A vulnerability exists in the PeopleSoft Enterprise SCM component of Oracle PeopleSoft Products 9.1 and 9.2. This flaw allows remote authenticated users to potentially compromise the confidentiality of certain data through unspecified vectors associated with security measures. Organizations utilizing these versions of Oracle's PeopleSoft should take immediate steps to evaluate their security posture and implement necessary updates.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032125

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 16, 2015
Vulnerability Reserved
Dec 17, 2014