N/A

The user login page in Visibility Software Cyber Recruiter before 8.1.00 generates different responses for invalid password-retrieval attempts depending on which data elements are incorrect, which might allow remote attackers to obtain account-related information via a series of requests.

N/A

N/A

Visibility Software Cyber Recruiter 信息泄露漏洞

Visibility Software Cyber Recruiter是美国Visibility软件公司的一套网络招聘解决方案。该方案提供面试安排、面试评价表、入职信息管理等功能。 Visibility Software Cyber Recruiter 8.0及之前版本中的用户登录页面中存在信息泄露漏洞。远程攻击者可通过发送一系列的请求利用该漏洞获取账户相关的信息。

N/A

N/A