Lucene search
K

8 matches found

NVD
NVD
added 2026/05/11 6:16 p.m.9 views

CVE-2026-38569

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

5.4CVSS0.00208EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.12 views

PT-2026-39657

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidate detail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

5.4CVSS5.8AI score0.00208EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/11 12:0 a.m.6 views

CVE-2026-38569

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

5.8AI score0.00208EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

HireFlow 跨站脚本漏洞

HireFlow is an online interview management platform developed by StratonWebDesigners as a personal developer project. Version 1.2 of HireFlow contains a cross-site scripting vulnerability. This vulnerability stems from the Resume or Feedback Comment fields in the candidatedetail.html file, where...

5.4CVSS5.6AI score0.00208EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/11 12:0 a.m.8 views

CVE-2026-38569

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

5.8AI score0.00208EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.33 views

CVE-2026-38569

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

0.00208EPSS
Exploits1References3
CVE
CVE
added 2026/05/11 12:0 a.m.12 views

CVE-2026-38569

CVE-2026-38569 affects HireFlow v1.2. The vulnerability is a Cross Site Scripting (XSS) flaw in candidate_detail.html that can be triggered via the Resume or Feedback Comment fields when submitting through POST /candidates/add or POST /feedback/add. The underlying issue is an XSS in the candidate...

5.4CVSS5.8AI score0.00208EPSS
Exploits1References3
CVE
CVE
added 2026/03/25 11:26 p.m.10 views

CVE-2026-4758

The CVE-2026-4758 entry concerns the WordPress plugin WP Job Portal . Affected versions include all up to and including 2.4.9 , where insufficient file path validation in the function WPJOBPORTALcustomfields::removeFileCustom enables an authenticated user with at least Subscriber-level access to ...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References3
Rows per page
Query Builder