Oracle

Peoplesoft Enterprise Peopletools

354 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2020-7017

  • EPSS 1.2%
  • Veröffentlicht 27.07.2020 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:36:30

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of...

6.1

CVE-2020-14627

  • EPSS 0.58%
  • Veröffentlicht 15.07.2020 18:15:27
  • Zuletzt bearbeitet 21.11.2024 05:03:43

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access...

4.3

CVE-2020-14600

  • EPSS 0.71%
  • Veröffentlicht 15.07.2020 18:15:25
  • Zuletzt bearbeitet 21.11.2024 05:03:39

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

6.1

CVE-2020-14592

  • EPSS 0.85%
  • Veröffentlicht 15.07.2020 18:15:24
  • Zuletzt bearbeitet 21.11.2024 05:03:37

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Rich Text Editor). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with net...

4

CVE-2020-14564

  • EPSS 0.21%
  • Veröffentlicht 15.07.2020 18:15:22
  • Zuletzt bearbeitet 21.11.2024 05:03:33

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Environment Mgmt Console). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker ...

5.3

CVE-2020-14558

  • EPSS 0.77%
  • Veröffentlicht 15.07.2020 18:15:20
  • Zuletzt bearbeitet 21.11.2024 05:03:32

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

7.4

CVE-2020-8203

Exploit
  • EPSS 3.22%
  • Veröffentlicht 15.07.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:38:29

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

6.1

CVE-2020-7656

Exploit
  • EPSS 1.11%
  • Veröffentlicht 19.05.2020 21:15:10
  • Zuletzt bearbeitet 21.11.2024 05:37:33

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...

6.1

CVE-2020-11022

Exploit
  • EPSS 2.39%
  • Veröffentlicht 29.04.2020 22:15:11
  • Zuletzt bearbeitet 13.04.2026 15:16:29

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in...

4.3

CVE-2020-9488

  • EPSS 0.03%
  • Veröffentlicht 27.04.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:40:45

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Lo...