Jorani Leave Management System 0.6.5 - Cross-Site Scripting
Persistent cross-site scripting XSS issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language. id: CVE-2018-15917 info: name: Jorani Leave Management System 0.6.5 - Cross-Site Scripting author: ritikchaddha severity: medium...