Khanh Nguyen Duy Quoc

**Name of the Vulnerable Software and Affected Versions** Oracle BI Publisher version 6.4.0.0.0 **Description** The issue exists due to insufficient input validation in the Security component of Oracle BI Publisher. This allows a remote attacker to disclose sensitive information using HTTP requests. Successful attacks require human interaction and can result in unauthorized access to critical data or complete access to all accessible data. **Recommendations** For Oracle BI Publisher version 6.4.0.0.0, update to a version that addresses the insufficient input validation issue in the Security component to prevent unauthorized access to sensitive information.