16 matches found
EUVD-2021-25059
Malware in sbrugna...
EUVD-2021-25025
Malware in sbrugna...
CVE-2021-38583
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...
CVE-2021-38619
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...
CVE-2021-38619
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...
CVE-2021-38619
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...
Cross site scripting
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...
CVE-2021-38619
The CVE-2021-38619 entry concerns openBaraza HCM 3.1.6, where improper neutralization of user-controllable input enables a stored XSS attack against an administrative user via hr/subscription.jsp, hr/application.jsp, and hr/index.jsp (with view=). Attack requires no authentication and is remote. ...
CVE-2021-38619
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...
CVE-2021-38583
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...
CVE-2021-38583
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...
Cross site scripting
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...
CVE-2021-38583
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...
CVE-2021-38583
CVE-2021-38583 affects openBaraza HCM 3.1.6, where a failure to properly neutralize user-controllable input enables a reflected XSS vulnerability. The issue is observed on multiple pages (hr/subscription.jsp, hr/application.jsp, and hr/index.jsp with view= and data=). Root cause: inadequate input...
openBaraza HCM 跨站脚本漏洞
openBaraza HCM is a comprehensive HR and Talent Management software solution that encompasses not only traditional core HR functionality, but also key aspects of Talent Management. A security vulnerability exists in openBaraza HCM version 3.1.6 that stems from not properly neutralizing...
openBaraza HCM 跨站脚本漏洞
openBaraza HCM is a comprehensive HR and Talent Management software solution that encompasses not only traditional core HR functionality, but also key aspects of Talent Management. A cross-site scripting vulnerability exists in openBaraza HCM that stems from openBaraza HCM not properly escaping...