2 matches found
CVE-2022-45008
Online Leave Management System v1.0 was discovered to contain a stored cross-site scripting XSS vulnerability in the component /leavesystem/admin/?page=maintenance/department. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted payload injected into the Name...
CVE-2022-45008
Online Leave Management System v1.0 contains a stored cross-site scripting (XSS) vulnerability in the component /leave_system/admin/?page=maintenance/department. The flaw allows an attacker to run arbitrary web scripts or HTML by injecting a payload into the Name field under the Create New module...