Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS.
References
Link | Resource |
---|---|
https://news.websoft.ru/_wt/wiki_base/7175852586100985308 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-12T00:00:00
Updated: 2022-12-12T00:00:00
Reserved: 2022-12-09T00:00:00
Link: CVE-2022-46906
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-12-12T21:15:10.597
Modified: 2022-12-15T13:50:46.917
Link: CVE-2022-46906
JSON object: View
Redhat Information
No data.
CWE