donut117

## CVE-2019-14932
[Description]
Humatrix offers you the most comprehensive Human Resource management solution to cover all of your HR needs in a single integrated, easy to configure & use system that is accessible 24×7 through the web and mobile.  The modular nature of Humatrix solution allows you to personalize and roll out only the modules you need, when you need it, helping you to reduce complexity, improve usability and productivity. (Information from Humanica homepage)

[Suggested description]
The Recruitment module in Humanica Humatrix 7 1.0.0.681 and
1.0.0.203 allows an unauthenticated attacker to access all
candidates' information remotely on the website by modifying "selApp" parameter
on resumeDetail.cfm.

This includes personal information and other sensitive data of the applicants.
	[Description]
	Humatrix offers you the most comprehensive Human Resource management solution to cover all of your HR needs in a single integrated, easy to configure & use system that is accessible 24×7 through the web and mobile. The modular nature of Humatrix solution allows you to personalize and roll out only the modules you need, when you need it, helping you to reduce complexity, improve usability and productivity. (Information from Humanica homepage)

	[Suggested description]
	The Recruitment module in Humanica Humatrix 7 1.0.0.681 and
	1.0.0.203 allows an unauthenticated attacker to access all
	candidates' information remotely on the website by modifying "selApp" parameter
	on resumeDetail.cfm.

	This includes personal information and other sensitive data of the applicants.