Back to search
CVE-2021-38619
Published: Aug 13, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting (XSS) attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp (with view=).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://openbaraza.org/
x_refsource_MISC
https://sourceforge.net/projects/obhrms/
x_refsource_MISC
https://github.com/charlesbickel/CVE-2021-38619
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now