Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS.
References
Link | Resource |
---|---|
https://news.websoft.ru/_wt/wiki_base/7175851369410989446 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-12T00:00:00
Updated: 2022-12-12T00:00:00
Reserved: 2022-12-09T00:00:00
Link: CVE-2022-46903
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-12T21:15:10.433
Modified: 2022-12-15T13:50:12.330
Link: CVE-2022-46903
JSON object: View
Redhat Information
No data.
CWE