Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-25059

Malware in sbrugna...

6.1CVSS6.3AI score0.02012EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-25025

Malware in sbrugna...

6.1CVSS6.3AI score0.01548EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:25 p.m.8 views

CVE-2021-38583

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...

6.1CVSS6AI score0.01548EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:10 p.m.9 views

CVE-2021-38619

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...

6.1CVSS6AI score0.02012EPSS
Exploits1References1
NVD
NVD
added 2021/08/13 3:15 p.m.19 views

CVE-2021-38619

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...

6.1CVSS0.02012EPSS
Exploits1References3
OSV
OSV
added 2021/08/13 3:15 p.m.4 views

CVE-2021-38619

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...

6.1CVSS5.7AI score0.02012EPSS
Exploits1References3
Prion
Prion
added 2021/08/13 3:15 p.m.16 views

Cross site scripting

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...

4.3CVSS6.1AI score0.02012EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/08/13 2:43 p.m.53 views

CVE-2021-38619

The CVE-2021-38619 entry concerns openBaraza HCM 3.1.6, where improper neutralization of user-controllable input enables a stored XSS attack against an administrative user via hr/subscription.jsp, hr/application.jsp, and hr/index.jsp (with view=). Attack requires no authentication and is remote. ...

6.1CVSS6AI score0.02012EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/13 2:43 p.m.22 views

CVE-2021-38619

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting XSS attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view=...

6.3AI score0.02012EPSS
Exploits1References3
NVD
NVD
added 2021/08/13 2:15 p.m.10 views

CVE-2021-38583

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...

6.1CVSS0.01548EPSS
Exploits1References3
OSV
OSV
added 2021/08/13 2:15 p.m.2 views

CVE-2021-38583

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...

6.1CVSS5.7AI score0.01548EPSS
Exploits1References3
Prion
Prion
added 2021/08/13 2:15 p.m.17 views

Cross site scripting

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...

4.3CVSS6AI score0.01548EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/08/13 1:36 p.m.16 views

CVE-2021-38583

openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting XSS on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp with view= and data=...

6.3AI score0.01548EPSS
Exploits1References3
CVE
CVE
added 2021/08/13 1:36 p.m.55 views

CVE-2021-38583

CVE-2021-38583 affects openBaraza HCM 3.1.6, where a failure to properly neutralize user-controllable input enables a reflected XSS vulnerability. The issue is observed on multiple pages (hr/subscription.jsp, hr/application.jsp, and hr/index.jsp with view= and data=). Root cause: inadequate input...

6.1CVSS6AI score0.01548EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.4 views

openBaraza HCM 跨站脚本漏洞

openBaraza HCM is a comprehensive HR and Talent Management software solution that encompasses not only traditional core HR functionality, but also key aspects of Talent Management. A security vulnerability exists in openBaraza HCM version 3.1.6 that stems from not properly neutralizing...

6.1CVSS6AI score0.01548EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/08/13 12:0 a.m.5 views

openBaraza HCM 跨站脚本漏洞

openBaraza HCM is a comprehensive HR and Talent Management software solution that encompasses not only traditional core HR functionality, but also key aspects of Talent Management. A cross-site scripting vulnerability exists in openBaraza HCM that stems from openBaraza HCM not properly escaping...

6.1CVSS6AI score0.02012EPSS
Exploits1References3
Rows per page
Query Builder