Learn about the new Oracle AI Agent Studio for Fusion Applications: Watch Now
Progress with Redwood: Redwood Resources for Oracle Cloud HCM - Go Here
Progress with Redwood: Redwood Resources for Oracle Cloud HCM - Go Here
URL Security Flaw with Hiring Manager Settings
Summary
URL Security Flaw with Hiring Manager SettingsContent
A hiring manager who has access to his personal requisition was "testing" access points by playing with the URL code within the TBE platform and entered a new number in the URL which brought up a requisition that only another hiring manager or the Administrator would have access to and the requisition was not posted or approved. As a candidate himself, he was able to see candidates within a position he had applied to and can navigate around the system now by plugging in new numbers within the URL that correspond to the requisition numbers posted on our website. This
0