4 matches found
CVE-2024-2633
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/sitetest/english/dumpenv.jsp' is vulnerable to XSS attack by 'lang' query, i.e. '/sitetest/english/dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert1%3E¶ms'...
CVE-2024-2633 Multiple vulnerabilities on Meta4 HR from Cegid
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/sitetest/english/dumpenv.jsp' is vulnerable to XSS attack by 'lang' query, i.e. '/sitetest/english/dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert1%3E¶ms'...
CVE-2024-2633 Multiple vulnerabilities on Meta4 HR from Cegid
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/sitetest/english/dumpenv.jsp' is vulnerable to XSS attack by 'lang' query, i.e. '/sitetest/english/dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert1%3E¶ms'...
CVE-2024-2633
CVE-2024-2633 affects Meta4 HR versions 819.001.022 and earlier. The vulnerability is a Cross-Site Scripting (XSS) in the endpoint /sitetest/english/dumpenv.jsp, exploitable via the lang query parameter (example: /dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert(1)%3E¶ms). Affects the...