You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register
Skip to content
  • Register
    • Learn about the new Oracle Fusion AI Agent Studio on April 15, 2025 at 8:00 am PT - Register Now

    Get Started with Redwood for Oracle Cloud HCM   Begin Now
    To ensure that questions get required attention from community members and are NOT left unanswered, it’s important for the author to indicate (by selecting “Yes” or “No” when prompted) whether the question was answered. (newly added) Please note that it is also important to respond to EACH comment your question receives. Your Yes or No response ensures an accurate status for your question.

    For more information, please refer to this announcement explaining best practices for getting answers to questions.

    Security Issue with Recruiting

    in Recruiting, Opportunity Marketplace

    Summary:

    Security Issue with Recruiting when candidate has an O Assignment record (i.e. Offer, rejected)

    Content (please ensure you mask any confidential information):

    Hi,

    We found an issue with the following scenario, which seems like a loophole. Can someone please advise?

    1. Ex-employee Candidate (Company A) applied via ORC (applied to Company B) and received an offer, and rejected the offer. This created O Assignment for that Ex-employee for Company B.
    2. HR from Company B access Person Security Profile secured by AoR Company B with "Candidate with Offer" checked.
    3. When that O Assignment is created from the offer, HR from step 2 suddenly has access to all CoreHR data of that Ex-Employee when they were back in Company A.
    Tagged:

    Howdy, Stranger!

    Log In

    To view full details, sign in.

    Register

    Don't have an account? Click here to get started!