CVE-2021-38822

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands...

CVE-2018-12420

IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request...