CVE-2025-53048

Name of the Vulnerable Software and Affected Versions Oracle PeopleSoft versions 8.60 through 8.62

Description A flaw exists within the Rich Text Editor component of Oracle PeopleSoft Enterprise PeopleTools. This issue allows a low-privileged attacker with network access via HTTP to compromise the system. Exploitation requires interaction from a user other than the attacker. Successful attacks can lead to unauthorized data modification, insertion, deletion, and read access to PeopleSoft Enterprise PeopleTools data.

Recommendations Update PeopleSoft Enterprise PeopleTools version 8.60 to a later version. Update PeopleSoft Enterprise PeopleTools version 8.61 to a later version. Update PeopleSoft Enterprise PeopleTools version 8.62 to a later version.