Lucene search
+L

72 matches found

Vulnrichment
Vulnrichment
added 2022/12/12 12:0 a.m.12 views

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

6.8AI score0.00341EPSS
Exploits0References1
CVE
CVE
added 2022/12/12 12:0 a.m.59 views

CVE-2022-46903

CVE-2022-46903 concerns WebSoft HCM 2021.2.3.327, where insufficient processing of user input allows an authenticated attacker to inject arbitrary HTML (including JavaScript) into pages processed by the user’s browser, resulting in Stored XSS . Related sources (PT-2022-28002) indicate a remediati...

5.4CVSS5.3AI score0.00341EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/12 12:0 a.m.67 views

CVE-2022-46905

CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...

6.1CVSS6.2AI score0.00385EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.5 views

WebSoft HCM 跨站脚本漏洞

WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from insufficient handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by...

5.4CVSS5.9AI score0.00341EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.6 views

PT-2022-28003 · Websoft · Websoft Hcm

Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...

5.4CVSS6.8AI score0.00341EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.5 views

WebSoft HCM 跨站脚本漏洞

WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from insufficient handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by...

5.4CVSS5.9AI score0.00341EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/12 12:0 a.m.6 views

CVE-2022-46905

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

7AI score0.00385EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.55 views

CVE-2022-46903

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...

5.6AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.23 views

CVE-2022-46906

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

5.6AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.33 views

CVE-2022-46904

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...

5.6AI score0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/12 12:0 a.m.35 views

CVE-2022-46905

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...

6.5AI score0.00385EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.7 views

PT-2022-28002 · Websoft · Websoft Hcm

Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...

5.4CVSS6.8AI score0.00341EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/12/12 12:0 a.m.8 views

CVE-2022-46903

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...

5.3AI score0.00341EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.6 views

PT-2022-28004 · Websoft · Websoft Hcm

Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: Insufficient processing of user input in WebSoft HCM allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the...

6.1CVSS7.5AI score0.00385EPSS
Exploits0References5
CVE
CVE
added 2022/12/12 12:0 a.m.64 views

CVE-2022-46904

The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...

5.4CVSS5.3AI score0.00341EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/12 12:0 a.m.60 views

CVE-2022-46906

CVE-2022-46906 affects WebSoft HCM 2021.2.3.327. The root cause is insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in Reflected XSS. In the linked sources, the CVE ...

5.4CVSS5.4AI score0.00341EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.6 views

WebSoft HCM 跨站脚本漏洞

WebSoft HCM is a talent management and HR services platform from WebSoft Ukraine. A security vulnerability exists in WebSoft HCM version 2021.2.3.327, which stems from inadequate handling of user input and allows an authenticated attacker to inject arbitrary HTML markup into pages processed by th...

6.1CVSS6.4AI score0.00385EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.7 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data. This allows attackers to obtain information about identities, which can be used in attacks targeting authentication mechanisms.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to obtain information about identities, which can be used in attacks targeting authentication mechanisms...

6.8CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.12 views

The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.

The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...

7.6CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/23 12:0 a.m.4 views

The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in filtering user code within the XML tag processor. This allows attackers to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in filtering user code within the XML tag handler. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder