SAP Knowledge Base Article - Public

3380438 - Outdated moment.js library - Recruiting Marketing


The current version of the moment.js library is 2.8.2.
This is flagged as an outdated library and therefore appears as a potential vulnerability when security scans are run.


SAP SuccessFactors Recruiting Marketing


This is a UA library mainly used for date formatting use cases and related internalization across RMK including Advance Analytics. Note it is used only on the browser, not on the server side.
As there are other validation mechanisms in place, this does not constitute an exploitable vulnerability.
Note however that its use and possible replacement are being assessed for release 1H2024.


RMK-31584 , KBA , LOD-SF-RMK-COR , RMK Core Platform , LOD-SF-RMK-AAN , Advanced Analytics - Professional Services , Problem


SAP SuccessFactors Recruiting all versions