4 matches found
Oracle PeopleSoft - Server-Side Request Forgery Vulnerability
Exploit for java platform in category web applications Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017...
Oracle PeopleSoft - Server-Side Request Forgery
Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Roman Shalymov...
CVE-2017-3546
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: MultiChannel Framework. Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromis...
CVE-2017-3546
CVE-2017-3546 affects Oracle PeopleSoft Tools (MultiChannel Framework), specifically SSRF in IMServlet for ToolsRelease 8.55.x (ToolsReleaseDB 8.55; HCM 9.2). Connected docs show SSRF allows remote attacker over network to cause cross-site requests, enabling potentially unauthorized access or por...