92 matches found
EUVD-2022-49686
Malicious code in bioql PyPI...
EUVD-2022-49684
Malicious code in bioql PyPI...
EUVD-2022-49683
Malicious code in bioql PyPI...
EUVD-2022-49685
Malicious code in bioql PyPI...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the use of open redirection. This allows attackers to redirect users to any arbitrary URL address.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to any arbitrary URL address from a remote location...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by injecting specially crafted JavaScript code into HTML pages...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sending specially crafted HTTP requests remotely...
PT-2025-32187 · "Вебсофт Девелопмент" · Websoft Hcm
Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию...
CVE-2022-46905
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
PT-2025-28933 · Ооо "Вебсофт Девелопмент" · Websoft Hcm
Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с несоответствием ответов на входящие запросы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code by sending a specially crafted POST request...
The vulnerability of Websoft HCM’s automation software for HR processes lies in insufficient validation of input data, allowing attackers to execute arbitrary codes.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to compromise the integrity and accessibility of protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity and accessibility of protected information...
The vulnerability of Websoft HCM’s automation software for HR processes stems from incorrect restrictions on the path to the restricted catalog. This allows attackers to disclose protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to disclose protected information...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary reflected HTML code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute arbitrary HTML code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes allows attackers to execute cross-site scripting attacks (XSS).
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...