The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site Request Forgery in its design. The impact is sensitive actions in the portal (such as changing a portal userβs password). NOTE: this CVE is assigned by MITRE and isnβt validated by Oracle because Oracle WebCenter Interaction Portal is out of support.