6 matches found
CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...
CVE-2022-28740
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...
Improper access control
aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an attacker to gain unauthenticated access to sensitive functionalities in the application...
Information disclosure
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...
CVE-2022-28742
aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an attacker to gain unauthenticated access to sensitive functionalities in the application...
CVE-2022-28742
CVE-2022-28742 affects aEnrich eHRD Learning Management Key Performance Indicator System (version 5+). The vulnerability is improper access control: the web application does not validate user sessions on many pages, allowing an unauthenticated attacker to access sensitive functionality. Impact de...