PT-2026-3694 · Oracle · Oracle Agile Product Lifecycle Management For Process
Dinh Viet Hai
+1
·
Published
2026-01-20
·
Updated
2026-01-21
·
CVE-2026-21944
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Agile Product Lifecycle Management for Process version 6.2.4
Description
An easily exploitable issue exists in the Product Quality Management component of Oracle Agile Product Lifecycle Management for Process. A low-privileged attacker with network access via HTTP can compromise the system. Successful exploitation may lead to unauthorized access to critical data or complete access to all accessible data.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Fix
XSS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Agile Product Lifecycle Management For Process