3 matches found
CVE-2024-46073
A reflected Cross-Site Scripting XSS vulnerability exists in the login page of IceHRM v32.4.0.OS. The vulnerability is due to improper sanitization of the "next" parameter, which is included in the application's response without adequate escaping. An attacker can exploit this flaw by tricking a...
CVE-2024-46073
creationtimestamp| type| source ---|---|--- 2025-01-06 17:23:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113782569211083494 2025-01-06 18:15:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf3qiycnqj2i 2025-01-06 18:43:32+00:00| seen|...
CVE-2024-46073
A reflected Cross-Site Scripting XSS vulnerability exists in the login page of IceHRM v32.4.0.OS. The vulnerability is due to improper sanitization of the "next" parameter, which is included in the application's response without adequate escaping. An attacker can exploit this flaw by tricking a...