CVE-2026-38569

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

CVE-2026-38569

CVE-2026-38569 affects HireFlow v1.2. The vulnerability is a Cross Site Scripting (XSS) flaw in candidate_detail.html that can be triggered via the Resume or Feedback Comment fields when submitting through POST /candidates/add or POST /feedback/add. The underlying issue is an XSS in the candidate...

HireFlow 跨站脚本漏洞

HireFlow is an online interview management platform developed by StratonWebDesigners as a personal developer project. Version 1.2 of HireFlow contains a cross-site scripting vulnerability. This vulnerability stems from the Resume or Feedback Comment fields in the candidatedetail.html file, where...

EUVD-2023-39000

Malicious code in bioql PyPI...

CVE-2023-34961

Chamilo v1.11.x up to v1.11.18 was discovered to contain a cross-site scripting XSS vulnerability via the /feedback/comment field...

CVE-2023-34961

Chamilo v1.11.x up to v1.11.18 was discovered to contain a cross-site scripting XSS vulnerability via the /feedback/comment field...

PT-2023-25077 · Chamilo · Chamilo

Name of the Vulnerable Software and Affected Versions: Chamilo versions 1.11.x up to 1.11.18 Description: A cross-site scripting XSS issue was found in the /feedback/comment field, allowing potential exploitation. Recommendations: For versions 1.11.x up to 1.11.18, update to a version later than...

Chamilo LMS 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo versions v1.11.x through v1.11.18,...