Andres Georgieff

**Name of the Vulnerable Software and Affected Versions** PeopleSoft Enterprise HCM Human Resources version 9.2 **Description** The issue is related to inadequate access control in the Company Dir / Org Chart Viewer component. It allows a low-privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources, resulting in unauthorized read access to a subset of accessible data. **Recommendations** For version 9.2, consider restricting access to the Company Dir / Org Chart Viewer component to minimize the risk of exploitation until a patch is available. Additionally, review and enforce proper access controls to prevent unauthorized data access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.