Skip to main content

Peoplesoft Enterprise Hcm Human Resources

2 CVEs product

Monthly

CVE-2026-21961 MEDIUM This Month

Unauthenticated attackers can exploit a cross-site request forgery vulnerability in Oracle PeopleSoft Enterprise HCM Human Resources 9.2 through the Company Directory/Org Chart Viewer component to read, modify, or delete sensitive employee data via HTTP with user interaction. The vulnerability requires a victim to click a malicious link but impacts multiple PeopleSoft products and modules beyond the initial target. No patch is currently available for this medium-severity issue (CVSS 6.1).

Oracle Peoplesoft Enterprise Hcm Human Resources
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2024-21154 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Human Resources). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oracle Peoplesoft Enterprise Hcm Human Resources
NVD
CVSS 3.1
4.3
EPSS
0.4%
EPSS 0% CVSS 6.1
MEDIUM This Month

Unauthenticated attackers can exploit a cross-site request forgery vulnerability in Oracle PeopleSoft Enterprise HCM Human Resources 9.2 through the Company Directory/Org Chart Viewer component to read, modify, or delete sensitive employee data via HTTP with user interaction. The vulnerability requires a victim to click a malicious link but impacts multiple PeopleSoft products and modules beyond the initial target. No patch is currently available for this medium-severity issue (CVSS 6.1).

Oracle Peoplesoft Enterprise Hcm Human Resources
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Human Resources). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Oracle Peoplesoft Enterprise Hcm Human Resources
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy