VYPR
Medium severity6.1NVD Advisory· Published Feb 28, 2022· Updated Jun 17, 2026

CVE-2022-25014

CVE-2022-25014

Description

Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the "m" parameter in the Dashboard of the current user. This vulnerability allows attackers to compromise session credentials via user interaction with a crafted link.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ice Hrm/Ice Hrmdescription
  • IceHrm/icehrmllm-fuzzy
    Range: =30.0.0.OS

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.