Thursday , 23 November 2017
Home » NEWS » TOP 10 STORIES » System bug hampering SAP E-Recruiting

System bug hampering SAP E-Recruiting

A system bug has been located within a SAP E-Recruiting system which is blocking people from registering their e-mail. The problem is that a registration URL provided to job-seekers is predictable, meaning an attacker could put other peoples’ e-mails into the system and guess the “e-mail confirmation” link. It could be blocked by adding a pre-registration nonce to the confirmation link, but that wasn’t done in release versions 605, 606, 616 or 617.

View Full Story

ORIGINAL SOURCE: The Register

About Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org