2 matches found
CVE-2021-25838
The Import function in MintHCM RELEASE 3.0.8 allows an attacker to execute a cross-site scripting XSS payload in file-upload...
CVE-2021-25838
MintHCM Release 3.0.8 contains an XSS vulnerability in the Import feature during file-upload. The issue arises from the Import functionality allowing an attacker to inject and execute JavaScript in uploaded content, enabling cross-site scripting. Impact is limited to XSS as described in multiple ...