Vulnerability in Oracle PeopleSoft HCM Talent Acquisition Manager
CVE-2025-30713

5.4MEDIUM

Key Information:

Vendor: Oracle
Status: Peoplesoft Enterprise Hcm Talent Acquisition Manager
Vendor: CVE Published:; 15 April 2025

Summary

This vulnerability affects the Oracle PeopleSoft Enterprise HCM Talent Acquisition Manager, specifically in the Job Opening component. It allows an attacker with low privileges and network access via HTTP to exploit the system, potentially leading to unauthorized modifications, deletions, or read access to sensitive data. This risk can escalate due to the necessity of human interaction, making it a concerning issue for organizations utilizing this software. Effective mitigation strategies are essential to protect against the adverse impacts on data confidentiality and integrity.

Affected Version(s)

PeopleSoft Enterprise HCM Talent Acquisition Manager 9.2

References

https://www.oracle.com/security-alerts/cpuapr2025.html

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Mar 25, 2025