/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
The current version of the moment.js library is 2.8.2.
This is flagged as an outdated library and therefore appears as a potential vulnerability when security scans are run.
Environment
SAP SuccessFactors Recruiting Marketing
Resolution
This is a UA library mainly used for date formatting use cases and related internalization across RMK including Advance Analytics. Note it is used only on the browser, not on the server side.
As there are other validation mechanisms in place, this does not constitute an exploitable vulnerability.
Note however that its use and possible replacement are being assessed for release 1H2024.
Keywords
RMK-31584 , KBA , LOD-SF-RMK-COR , RMK Core Platform , LOD-SF-RMK-AAN , Advanced Analytics - Professional Services , Problem
Product
SAP SuccessFactors Recruiting all versions
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)