Lucene search

Adrenalin Security Vulnerabilities

cve

CVE-2018-12234

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.

6.1CVSS

6AI Score

0.002EPSS

2018-09-06 11:29 PM

cve

CVE-2018-12652

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

6.1CVSS

6AI Score

0.001EPSS

2019-03-25 07:29 PM

cve

CVE-2018-12653

A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.

6.1CVSS

5.9AI Score

0.001EPSS

2019-03-25 07:29 PM