Medium severity5.4NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026
CVE-2022-46903
CVE-2022-46903
Description
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS.
Affected products
2- WebSoft/HCMdescription
Patches
Vulnerability mechanics
References
1- news.websoft.ru/_wt/wiki_base/7175851369410989446nvdVendor Advisory
News mentions
0No linked articles in our index yet.