Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2025/11/12 7:30 a.m.3 views

CVE-2025-12869 aEnrich|eHRD - Stored Cross-Site Scripting

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS5.5AI score0.00187EPSS
Exploits0References2
NVD
NVD
added 2022/09/09 4:15 p.m.19 views

CVE-2022-28740

aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...

7.5CVSS0.00616EPSS
Exploits0References2
Prion
Prion
added 2022/09/09 4:15 p.m.11 views

Improper access control

aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an attacker to gain unauthenticated access to sensitive functionalities in the application...

5CVSS7.7AI score0.00616EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/09 4:15 p.m.16 views

Information disclosure

aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...

5CVSS7.5AI score0.00616EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/09 3:54 p.m.22 views

CVE-2022-28742

aEnrich eHRD Learning Management Key Performance Indicator System 5+ has Improper Access Control. The web application does not validate user session when accessing many application pages. This can allow an attacker to gain unauthenticated access to sensitive functionalities in the application...

7.9AI score0.00616EPSS
Exploits0References2
CVE
CVE
added 2022/09/09 3:54 p.m.51 views

CVE-2022-28742

CVE-2022-28742 affects aEnrich eHRD Learning Management Key Performance Indicator System (version 5+). The vulnerability is improper access control: the web application does not validate user sessions on many pages, allowing an unauthenticated attacker to access sensitive functionality. Impact de...

7.5CVSS7.7AI score0.00616EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder