3732647 - User can view profile photo even without permission

User can view profile photo in people search, org chart or mini org chart even when they do not have such permission.

• SuccessFactors Employee Central
• SuccessFactors Employee Profile

1. Sign in as a user who does not have permission to view other users’ profile photos.
2. Open a user’s profile and use the people search box in the profile header to search for other users.
3. Observe that profile photos appear in the people search results.
4. The profile photos can also show up in org chart or mini org chart.

Staring 2H2025, the BizX dynamic content caching feature of Akamai was enabled via a feature toggle. This means that profile photo URLs could be cached as well.

To clear the cache, please raised an ticket to LOD-SF-EP-PHO to ask the engineering team to turn off the feature toggle.

INC23505004, people search, profile photo, photo visibility, photo permission, role-based permission, rbp, picture, caching, cache, org chart, mini org chart, people profile, employee central, photo management, employee profile, PPX, photo should not display, photo should not be visible , KBA , LOD-SF-EP-PHO , Photo Management , Problem

SAP SuccessFactors Employee Central 2511 ; SAP SuccessFactors HCM Core all versions