VYPR
Medium severity5.4NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026

CVE-2022-46904

CVE-2022-46904

Description

Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS.

Affected products

2
  • WebSoft/HCMdescription
  • Epicor/HCMllm-fuzzy
    Range: =2021.2.3.327

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.