Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/09/18 2:24 p.m.3 views

CVE-2025-8057

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...

6.5CVSS5.4AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/16 2:2 p.m.11 views

CVE-2025-8057 IDOR in Patika Global Technologies' HumanSuite

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...

6.5CVSS0.00263EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 2:2 p.m.12 views

CVE-2025-8057

CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...

6.5CVSS5.4AI score0.00263EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/09/16 2:2 p.m.4 views

CVE-2025-8057

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...

6.5CVSS5.5AI score0.00263EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/16 2:0 p.m.5 views

CVE-2025-8276 HTML Injection in Patika Global Technologies' HumanSuite

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

4.3CVSS5.4AI score0.00314EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/09/16 2:0 p.m.9 views

CVE-2025-8276

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

9.8CVSS5.4AI score0.00314EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.16 views

PT-2025-37992

Name of the Vulnerable Software and Affected Versions HumanSuite versions prior to 53.21.0 Description HumanSuite is susceptible to multiple issues including improper encoding or escaping of output, improper neutralization of special elements in output used by a downstream component injection,...

9.8CVSS5.6AI score0.00314EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.4 views

Patika Global HumanSuite 安全漏洞

Patika Global HumanSuite is a human resource management platform from Patika Global, Turkey. A security vulnerability exists in Patika Global HumanSuite versions prior to 53.21.0, which stems from a user-controllable key leading to authorization bypass and improper authorization, which could be...

6.5CVSS6.6AI score0.00263EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.5 views

Patika Global HumanSuite 安全漏洞

Patika Global HumanSuite is a human resource management platform from Patika Global, Turkey. A security vulnerability exists in Patika Global HumanSuite versions prior to 53.21.0 that stems from improper output encoding or escaping and improper parameter separator neutralization, which could lead...

9.8CVSS7AI score0.00314EPSS
Exploits0References2
Rows per page
Query Builder