Critical Alert 1 Active Exploit Detected Today

CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability →
Powered by CVE Watchtower
×
June 14, 2026

CVE Watchtower


← Back to CVE List

CVE-2025-4673NVD

Vulnerability Summary

Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
Severity Level
MEDIUM(6.8)
Published Date
Jun 11, 2025
Last Modified
Jun 12, 2025
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone

External References