You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register
Get Started: AI Resources for Oracle Cloud HCM – Go Here

Progress with Redwood: Redwood Resources for Oracle Cloud HCM -  Go Here

Urls for active sessions - while having a custom SSO enabled

edited Dec 22, 2017 5:45PM in Taleo Learn 2 comments

Summary

Custom SSO | the URL has a vulnerability for the duration of the active session

Content

A current state concern is that when folks are sharing urls? They are sharing a method to get into the system that is bypassing authentication.

These aren't deeplink urls. These are just the any URL with a valid session that is on.

Question to the community / You ever run into the vulnerability? Were you able to resolve it with MOS?

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!