2 matches found
CVE-2024-2634 Multiple vulnerabilities on Meta4 HR from Cegid
A Cross-Site Scripting Vulnerability has been found on Meta4 HR affecting version 819.001.022 and earlier. The endpoint '/ssegenerico/genericologin.jsp' is vulnerable to XSS attack via 'lang' query, i.e. '/ssegenerico/genericologin.jsp?lang=%27%3balert%27BLEUSS%27%2f%2f¶ms='...
CVE-2024-2633
CVE-2024-2633 affects Meta4 HR versions 819.001.022 and earlier. The vulnerability is a Cross-Site Scripting (XSS) in the endpoint /sitetest/english/dumpenv.jsp, exploitable via the lang query parameter (example: /dumpenv.jsp?snoop=yes&lang=%27%3Cimg%20src/onerror=alert(1)%3E¶ms). Affects the...