VYPR
Medium severity5.4NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026

CVE-2022-46903

CVE-2022-46903

Description

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS.

Affected products

2
  • WebSoft/HCMdescription
  • Epicor/HCMllm-fuzzy
    Range: =2021.2.3.327

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.