The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates’ information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and other sensitive data.
CPE | Name | Operator | Version |
---|---|---|---|
humatrix_7 | eq | 1.0.0.203 | |
humatrix_7 | eq | 1.0.0.681 |