The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of procedures for neutralizing special elements in output data, which allows attackers to carry out attacks aimed at altering the query logic in the XQuery language against the database.
The vulnerability of Websoft HCM’s automation software for HR processes is related to deficiencies in the process of eliminating special elements from output data. Exploiting this vulnerability allows a malicious actor to remotely carry out an attack aimed at altering the query logic in the XQuer...