2 matches found
CVE-2024-29877
Cross-Site Scripting XSS vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/expenses/expensecategories/edit, 'expensecategoryname' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data...
Sentrifugo 跨站脚本漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. Sentrifugo version 3.2 suffers from a cross-site scripting vulnerability that stems from the lack of effective...