72 matches found
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46903
CVE-2022-46903 concerns WebSoft HCM 2021.2.3.327, where insufficient processing of user input allows an authenticated attacker to inject arbitrary HTML (including JavaScript) into pages processed by the user’s browser, resulting in Stored XSS . Related sources (PT-2022-28002) indicate a remediati...
CVE-2022-46905
CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...
WebSoft HCM 跨站脚本漏洞
WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from insufficient handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by...
PT-2022-28003 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...
WebSoft HCM 跨站脚本漏洞
WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from insufficient handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by...
CVE-2022-46905
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-46905
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
PT-2022-28002 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
PT-2022-28004 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: Insufficient processing of user input in WebSoft HCM allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the...
CVE-2022-46904
The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...
CVE-2022-46906
CVE-2022-46906 affects WebSoft HCM 2021.2.3.327. The root cause is insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in Reflected XSS. In the linked sources, the CVE ...
WebSoft HCM 跨站脚本漏洞
WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from inadequate handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by th...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data. This allows attackers to obtain information about identities, which can be used in attacks targeting authentication mechanisms.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to obtain information about identities, which can be used in attacks targeting authentication mechanisms...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.
The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...
The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in filtering user code within the XML tag processor. This allows attackers to execute arbitrary code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in filtering user code within the XML tag handler. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...