Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the packets, they can obtain the plaintext session information and use it to log into the system.