SAP SuccessFactors Elevation of Privilege Vulnerability

SAP SuccessFactors is a cloud-based hcm software application from SAP, Germany. SAP SuccessFactors suffers from an elevation of privilege vulnerability that stems from an application endpoint misconfiguration. An attacker could use the vulnerability to elevate privileges and read or write...

CVE-2022-35291

The CVE-2022-35291 entry describes a privilege-escalation vulnerability in SAP SuccessFactors via misconfigured attachment API endpoints used by the SF Mobile app (Time Off, Time Sheet, EC Workflow, Benefits). The underlying issue is endpoint misconfiguration that allows attackers with user privi...

CVE-2021-40498

A vulnerability has been identified in SAP SuccessFactors Mobile Application for Android - versions older than 2108, which allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, which can lead to denial of service. The vulnerability is...

successfactors.com XSS vulnerability

Open Bug Bounty ID: OBB-543662 Description| Value ---|--- Affected Website:| successfactors.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

SuccessFactors - Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application SuccessFactors published at the 'play' market has multiple vulnerabilities...

successfactors.com XSS vulnerability

Vulnerable URL: http://www.successfactors.com/enus/search/jcr:content/sfSearch.sfSearch.html?searchStandard=true=10=0=OPENBUGBOUNTY"=0=enus=0=0== Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2628 VIP website...