2 matches found
CVE-2022-25014
Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scripting XSS vulnerability via the "m" parameter in the Dashboard of the current user. This vulnerability allows attackers to compromise session credentials via user interaction with a crafted link...
CVE-2022-25014
CVE-2022-25014 affects Ice Hrm 30.0.0.OS. A reflected XSS exists in the Dashboard via the m parameter of the current user, allowing an attacker to compromise session credentials when a user clicks a crafted link. The provided connected documents confirm the vulnerability class and impact as descr...