Vulnerability in Oracle PeopleSoft's My Links Component
CVE-2022-21450
5.4MEDIUM
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 19 April 2022
What is CVE-2022-21450?
The PeopleSoft Enterprise PRTL Interaction Hub, part of Oracle's PeopleSoft offerings, contains a vulnerability in its My Links component. This vulnerability allows an attacker with low privileges to compromise the system with network access via HTTP. Exploitation of this weakness necessitates human interaction from an individual other than the attacker, which could lead to unauthorized alterations, such as updates, insertions, or deletions of accessible data within the Interaction Hub. Furthermore, it poses risks for unauthorized reading of a subset of data, thereby potentially affecting other interconnected products.
Affected Version(s)
PeopleSoft Enterprise PRTL Interaction Hub 9.1