naukri.comA famous Indian employment website, has set a bug that exposes recruiters’ e -mail addresses that use its platform to search and hire online talent.
The issue discovered by security researcher Lohith Gowda affected the API that the job used on its Android and iOS apps. API exposes e -mail addresses of potential candidates on the Novakri platform. This problem did not affect the company’s website.
Gowda told Tech Crunch, “Exposed e -mail ID can be used for fashing attacks targeting, and recruiters can find excessive emails and spams.”
He added that the exposed email ID could be included in the public violation database or spam lists, and that large -scale email address scraping could cause automatic boot abuse or scam.
The researcher confirmed the exhibition after sharing details about the bug. The researcher confirmed the Tech Crunch that the problem was resolved earlier this week, which was confirmed by the job on Friday.
“All identified additions are enforced, ensuring that our system is updated and flexible,” said Alok Vage, the head of the IT infrastructure, IT infrastructure, the IT infrastructure head of the company’s Information Company Information. “Our teams have not been able to detect any routine activity that affects the integrity of user data.”
Established in March 1997, Naukri.com is India’s high -ranking recruitment website, which helps to connect recruiters, employers and job seekers. Apart from India, this site is in the Middle East as a naukrigulf.com.
“Some of the features of our recruitment profiles have been made public to enable users to know who their profile (who) has access to them,” said Vice.