Lucene search
K

5 matches found

NVD
NVD
added 2026/04/22 4:16 a.m.7 views

CVE-2026-6834

The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method...

7.1CVSS0.00259EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/13 7:43 a.m.4 views

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/11/12 8:15 a.m.1 views

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.8AI score0.00187EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/12 7:30 a.m.4 views

EUVD-2025-119991

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.4AI score0.00187EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/03 12:0 a.m.4 views

aEnrich a+HRD 授权问题漏洞

aEnrich a+HRD is a full-service human resources development solution from aEnrich, Inc. A security vulnerability exists in aEnrich a+HRD that stems from an incorrect login authentication feature in its a+HRD allowing an unauthenticated, remote attacker to bypass authentication and gain access to...

9.8CVSS8.9AI score0.01454EPSS
Exploits0References2
Rows per page
Query Builder