92 matches found
PT-2022-28005 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
PT-2022-28002 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: WebSoft HCM version 2021.2.3.327 Description: The issue arises from insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser. This includes scripts i...
CVE-2022-46906
CVE-2022-46906 affects WebSoft HCM 2021.2.3.327. The root cause is insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in Reflected XSS. In the linked sources, the CVE ...
CVE-2022-46904
The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...
CVE-2022-46905
CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s HR automation software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s HR automation software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information through specially crafted requests...
The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in the session identifier generation mechanism. This allows attackers to exploit their privileges.
The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in the session identifier generation mechanism. Exploiting this vulnerability can allow attackers to increase their privileges remotely...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the redirection of URLs to unreliable websites, allowing attackers to redirect users to arbitrary URL addresses.
The vulnerability of Websoft HCM’s automation software for HR processes involves the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to remotely redirect users to any given URL address...
The vulnerability of Websoft HCM’s automation software for HR processes lies in its ability to download files of a dangerous type without limitation, allowing an attacker to execute arbitrary code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of measures taken to protect the website structure. This allows attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s HR automation software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
The vulnerability of Websoft HCM’s automation software for HR processes lies in insufficient validation of input data, allowing attackers to execute arbitrary codes.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from errors in filtering user code within the XML tag processor. This allows attackers to execute arbitrary code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to errors in filtering user code within the XML tag handler. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data. This allows attackers to obtain information about identities, which can be used in attacks targeting authentication mechanisms.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to obtain information about identities, which can be used in attacks targeting authentication mechanisms...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of the “Secure” attribute being set in the authentication session cookies. This allows attackers to carry out attacks aimed at intercepting HTTP network traffic and obtaining the user’s session identifier.
The vulnerability of Websoft HCM’s automation software for HR processes stems from the lack of the “Secure” attribute being set in the authentication session cookies. Exploiting this vulnerability allows a remote attacker to conduct attacks aimed at intercepting HTTP network traffic and obtaining...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of protection for operational data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of protection for operational data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information through specially crafted requests...