The vulnerability of Websoft HCM’s automation software for HR processes lies in the incorrect expiration time of sessions. This allows attackers to reuse the session credentials to access user information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to incorrect session duration settings. Exploiting this vulnerability allows a malicious actor to repeatedly use session credentials to access user information...

The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in the session identifier generation mechanism. This allows attackers to exploit their privileges.

The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in the session identifier generation mechanism. Exploiting this vulnerability can allow attackers to increase their privileges remotely...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.

The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...

The vulnerability of Websoft HCM’s automation software for HR processes lies in its uncontrolled resource consumption, which allows attackers to trigger service interruptions.

The vulnerability of Websoft HCM’s automation software for HR processes is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of Websoft HCM’s automation software for HR processes lies in insufficient validation of input data, allowing attackers to execute arbitrary codes.

The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.

The vulnerability of Websoft HCM’s HR automation software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of Websoft HCM’s automation software for HR processes lies in its ability to download files of a dangerous type without limitation, allowing an attacker to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information through specially crafted requests...

The vulnerability of Websoft HCM’s automation software for HR processes stems from improper code generation management, allowing attackers to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the generation of HTTP requests...

The vulnerability of Websoft HCM’s automation software for HR processes stems from improper code generation management, allowing attackers to execute arbitrary code.

The vulnerability of Websoft HCM’s automation software for HR processes is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the generation of HTTP requests...

test28.websoft.lv Cross Site Scripting vulnerability OBB-1457510

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Websoft ourpeople.php parameter id SQL injection vulnerability

No description provided by source...