The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote malicious users to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
humanica humatrix 7 1.0.0.203 |
||
humanica humatrix 7 1.0.0.681 |