Minthcm@3.0.8 Security Vulnerabilities and Issues — Minthcm@3.0.8 CVE List

Lucene search

MinthcmMinthcm3.0.8

2 matches found

CVE•added 2021/04/26 2:15 p.m.•34 views

CVE-2021-25838

The Import function in MintHCM RELEASE 3.0.8 allows an attacker to execute a cross-site scripting (XSS) payload in file-upload.

6.1CVSS5.9AI score0.00317EPSS

CVE•added 2021/04/26 2:15 p.m.•29 views

CVE-2021-25839

A weak password requirement vulnerability exists in the Create New User function of MintHCM RELEASE 3.0.8, which could lead an attacker to easier password brute-forcing.

9.8CVSS9.3AI score0.00405EPSS