CVE-2014-100021
CVE-2014-100021 is an XSS vulnerability in OrangeHRM (Symfony-based path: symfony/web/index.php/pim/viewEmployeeList) that allows injection of arbitrary script/HTML through empsearch[employee_name][empId]. Affected product and version: OrangeHRM before 3.1.2. Root cause: improper handling of inpu...