SAP Knowledge Base Article - Public

3264720 - Security Vulnerability - JavaScript library out of date- Recruiting Marketing


Ouddated and vulnerable JavaScript Library version found when performing Security tests.


SAP SuccessFactors Recruiting Marketing


This claim was assessed by our Security Team. Their conclusions are as follows:

The Security issue reported could cause XSS injection only on browsers less than or equal to IE 7.
On all the latest browsers, this is not a concern.
Since BizX (SuccessFactors instance) is not supported on those browsers, this is not considered a security issue.

Note that we are still planning the library upgrade to the latest version in a future release. 


security vulnerability, rmk, library v2.3.0, javascript library , KBA , LOD-SF-RMK-SEC , Security & Vulnerabilities , Problem


SAP SuccessFactors Recruiting all versions