Cross site scripting

Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting XSS vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'...

CVE-2018-12650

Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting XSS vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'...

CVE-2018-12650

Adrenalin HRMS 5.4.0 has a reflected XSS in the ApplicationtEmployeeSearch page, triggered by user input in the parameters prntFrmName and prntDDLCntrlName . The vulnerable input is echoed back in the HTML/JavaScript, enabling script execution in the user’s browser. Public exploit entries exist (...