CVE-2024-45920

A Stored Cross-Site Scripting XSS vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature...

CVE-2024-44860

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45919

CVE-2024-45919 affects Solvait 24.4.2. The vulnerability arises from a flaw in the /AssignToMe/SetAction endpoint where manipulating Request ID and Action Type can bypass approval workflows, enabling privilege escalation and potential access to sensitive data or fraudulent approvals. Connected so...

PT-2024-31846 · Solvait · Solvait

Name of the Vulnerable Software and Affected Versions: Solvait version 24.4.2 Description: A security flaw has been discovered that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in "/AssignToMe/SetAction" API endpoint, an attacker can...

Solvait 安全漏洞

Solvait is a human resource management software from Solvait, Inc. A security vulnerability exists in Solvait version 24.4.2, which stems from a vulnerability that can be exploited by an attacker to elevate his or her privileges, resulting in unauthorized access to sensitive information or approv...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45920

A Stored Cross-Site Scripting XSS vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature...

PT-2024-31848 · Solvait · Solvait

Name of the Vulnerable Software and Affected Versions: Solvait version 24.4.2 Description: A Stored Cross-Site Scripting XSS vulnerability allows remote attackers to inject malicious scripts into the application due to insufficient input validation and sanitization in the "Intrest" feature...

CVE-2024-45920

A Stored Cross-Site Scripting XSS vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature...

CVE-2024-45920

CVE-2024-45920 describes a Stored XSS in Solvait 24.4.2, arising from insufficient input validation/sanitization in the Intrest feature. The vulnerability could allow remote attackers to inject scripts into the application, with the CVSS 3.1 base score reported as 5.4 (Medium) and an attack vecto...

Solvait 安全漏洞

Solvait is a human resource management software from Solvait, Inc. A security vulnerability exists in Solvait version 24.4.2 that stems from the presence of a stored cross-site scripting XSS vulnerability that allows remote attackers to inject malicious script into the application...

CVE-2024-45920

A Stored Cross-Site Scripting XSS vulnerability in Solvait 24.4.2 allows remote attackers to inject malicious scripts into the application. This issue arises due to insufficient input validation and sanitization in "Intrest" feature...

CVE-2024-44860

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request...

CVE-2024-44860

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request...

CVE-2024-44860

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request...

CVE-2024-44860

Solvait v24.4.2 contains an information-disclosure vulnerability in the /Letter/PrintQr/ endpoint that allows an attacker to access sensitive data via a crafted request. Affected component: Solvait software (version 24.4.2). Root cause details are not specified in the provided documents. Impact i...