CVE-2022-46905

CVE-2022-46905 affects WebSoft HCM 2021.2.3.327. The vulnerability stems from insufficient processing of user input, enabling an unauthenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in reflected XSS. The available docu...

CVE-2022-46904

The CVE-2022-46904 affects WebSoft HCM 2021.2.3.327. The vulnerability arises from insufficient processing of user input in WebSoft HCM, allowing an authenticated attacker to inject arbitrary HTML into pages processed by the user’s browser, enabling Self-XSS. Concrete details across connected sou...

CVE-2022-46903

CVE-2022-46903 concerns WebSoft HCM 2021.2.3.327, where insufficient processing of user input allows an authenticated attacker to inject arbitrary HTML (including JavaScript) into pages processed by the user’s browser, resulting in Stored XSS . Related sources (PT-2022-28002) indicate a remediati...

CVE-2022-46906

CVE-2022-46906 affects WebSoft HCM 2021.2.3.327. The root cause is insufficient processing of user input, allowing an authenticated attacker to inject arbitrary HTML tags (including JavaScript) into pages processed by the user’s browser, resulting in Reflected XSS. In the linked sources, the CVE ...