CVE-2020-14613

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Sites versions 12.2.1.3.0 through 12.2.1.4.0

Description The issue is related to the Advanced User Interface component of Oracle WebCenter Sites, where the structure of web pages is not properly protected. This can be exploited by a remote attacker to gain unauthorized access to modify, add, or delete data, or to access protected information using the HTTP protocol. The attack requires some interaction from a person other than the attacker and can have significant impacts on additional products. Successful exploitation can result in unauthorized access to update, insert, or delete some data, as well as unauthorized read access to a subset of the data.

Recommendations For versions 12.2.1.3.0 and 12.2.1.4.0, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.